-
The New York Times reported that the long-time rumors that Iran is behind a swath of distributed denial of service attacks on banks are true.
January 9 -
DDoS attacks have resumed intermittently for BB&T in North Carolina.
January 16 -
Banks are turning to the National Security Agency for help mitigating DDoS attacks.
January 11
Cyberattackers are boosting the frequency and firepower of their assaults as well as shifting tactics to avoid detection.
Attacks designed to slow companies' websites rose 19% in the fourth quarter of 2012, compared with a year earlier, Prolexic, a digital security firm, said in a report published Thursday.
So-called denial of service attacks consumed roughly 13.5% more processing power than they did in the fourth quarter of 2012, as attackers used a toolkit called itsoknoproblembro to create malicious software that can commandeer armies of servers that can flood companies' websites with a digital tsunami.
"2012 demonstrated a remarkable evolution within the world of DDoS activity," Prolexic staff wrote, referring to distributed denial of service attacks. "Over the 12-month period, large attacks targeted the financial services, e-commerce, [software as a service], and energy sectors as well as government organizations and even specific [internet service providers]."
The report added that "the paradigm shifted with the emergence of the itsoknoproblembro" malware, which "allowed for effective and automated reconnaissance, exploitation, infection and attack management."
The findings come amid a
Some big banks reportedly have
The report finds that attackers refined itsoknoproblembro throughout 2012 as they sought to boost the malware's effectiveness and to avoid detection.
According to Prolexic, most attacks that used itsoknoproblembro in the fourth quarter are believed to have originated in China as a result of the number of vulnerable servers and workstations located in the country. A majority of the remaining traffic is thought to have come from machines in Eastern Europe and throughout the rest of Asia.
Though website owners can defend against the attacks by either filtering traffic to their sites or disabling the attacking software, the latest forms of malware can themselves become servers. "This means that for practical reasons the individual bots themselves must ultimately be identified and removed," Prolexic wrote.