Headlines have been dominated this week by the Anonymous campaign of DDoS attacks against financial institutions all over the world. Named “Op Icarus” in honor of the character from Greek mythology, the campaign seeks to punish what Anonymous views as “corrupt” banks and individuals in the financial sector.
As we all know, distributed denial of service (DDoS) attacks can strike any industry or any organization at any time and without warning. Hacktivism like that carried out by Anonymous and their base of dedicated hackers often involves the use of DDoS attacks, since they provide quick results at low cost, and with minimal risk of compromising the identities of the perpetrators. What’s more, the service downtime they bring about can cause damage to the tune of six-figure sums, so it’s an ideal part of the toolkit for the hacktivist – a fact that is bolstered by people diversifying the techniques behind DDoS attacks.
Distributed denial of service attacks have been a threat to service availability for more than a decade. However, these DDoS attacks have become increasingly sophisticated and multi-vector in nature, overcoming traditional defense mechanisms or reactive countermeasures. These pointed attack campaigns continue to reinforce a growing need for DDoS attack mitigation solutions that can properly defeat attacks at the network edge, and ensure the accessibility required for the financial institutions to maintain business operations in the face of an attack.
While the impact on the individual targets of the DDoS attack campaign, “Op Icarus” is unclear; obstructing or eliminating the availability of email servers is significant. In an online world any type of service outage is barely tolerated, especially in the banking industry where transactions and communications are often time-sensitive, and account security is of utmost importance.
Until distributed denial of service attacks are effectively mitigated as a norm, we can expect hacker communities such as Anonymous to continue gaining notoriety as they bring services down, take websites offline and cause havoc on the internet in pursuit of their goals. 2016 has been a tough year for finance in regard to their cybersecurity, with the massive cyber heist of the Bangladesh Bank as well as the Qatar National Bank data leak having taken place already. It’s safe to say that banks across the globe need maximum security not only for their safes and vaults, but also for their networks. Regardless of the motivations for these attacks, financial firms must be proactive in their defenses.