BB&T Site Outages Linked to DDoS

Ninth Bank to be Targeted; More to Come?
BB&T Site Outages Linked to DDoS

BB&T Corp., a Winston-Salem, N.C.-based bank, acknowledged Oct. 17 that its website was suffering from intermittent outages related to a distributed denial of service attack. The $178.5 billion institution is the ninth U.S. bank to be affected by a DDoS strike in the last five weeks.

See Also: Defense Strategies for Advanced Threats: Breaking the Cyber Kill Chain with SANS 20 Critical Security Controls

"BB&T is experiencing intermittent outages on due to a 'Denial of Service' event," bank spokesman Brian Davis told BankInfoSecurity during the late afternoon of Oct. 17.

BB&T's site outage is the second attack apparently waged by the hacktivist group Izz ad-Din al-Qassam Cyber Fighters this week. On Oct. 16, Capital One's online banking and corporate sites suffered outages believed to be caused by a second attack aimed at the bank by the hacktivist group.

CapOne's site was back up and running by the morning of Oct. 17, says spokeswoman Tatiana Stead, although some customers may continue to suffer from periodic glitches linked to ongoing system upgrades.

"All of our systems are fully operational," Stead told BankInfoSecurity. "In light of the recent events, we have taken a number of precautions which may inadvertently cause some challenges for a small number of customers visiting our website. We encourage anyone experiencing any difficulties to call our customer service."

Series of Attacks

The first attack against CapOne came Oct. 9, one day before the targeted attack against SunTrust Banks and two days before the attack against Regions Financial Corp.

On Oct. 16, a post on Pastebin claiming to be from Izz ad-Din al-Qassam claimed more attacks against U.S. banks would be waged between Oct. 16 and Oct. 18. Unlike previous attacks threatened, the group said it would not name in advance the banks to be targeted.

Izz ad-din Al Qassam said it would continue to target U.S. institutions until a YouTube movie trailer believed by the group to be anti-Islam is removed from the Internet. Experts, however, question whether that outrage is just a front for some more nefarious motive.

Mike Smith, a security evangelist with online security provider Akamai Technologies, says the fact that CapOne was targeted for a second time suggests fraud is likely the catalyst.

"We are assuming that the attackers are doing this to perpetrate fraud," Smith says. "The attackers are looking for targets that have footprints on employees' desktops so they can compromise those employees and get access to accounts. That's the assumption we are operating under at this point."

For more information about the DDoS attacks against banks, see:

About the Author

Tracy Kitten

Tracy Kitten

Executive Editor, BankInfoSecurity & CUInfoSecurity

A veteran journalist with more than 18 years' experience, Kitten has covered the financial sector for the last 11 years. Before joining Information Security Media Group in 2010, where she now serves as the Executive Editor of BankInfoSecurity and CUInfoSecurity, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by, ABC News, and MSN Money.

Around the Network