DDoS attacks on U.S. banks and credit unions have resumed, just as industry experts predicted. Security specialist Bill Stewart says this wave is yet another sign that institutions must bolster defenses.
Distributed-denial-of-service attacks are not new, but they are being taken more seriously as a threat to network security and data protection, especially by financial-services, says Ashley Stephenson of Corero Network Security.
Malware, DDoS and mobile security aside, one of the biggest risks is organizations' lack of visibility into specific threats. Don Gray of Solutionary explains the need for actionable threat intelligence.
Although a hacktivist group says it has suspended distributed-denial-of-service attacks on U.S. banking institutions, banking and security leaders aren't convinced. "Banks should certainly remain on guard," says Gartner's Avivah Litan.
Banks have improved DDoS defenses, but ensuring ongoing online reliability requires a more offensive measure - one that rids the Internet of vulnerable sites that can too easily be used for bot traffic.
Independent monitoring shows U.S. banks doing a better job of deflecting DDoS attacks. Nevertheless, DDoS expert John Walker says the attackers continue to represent "a growing threat" to all organizations.
"A year ago, quite frankly, the capability was not there," DHS Deputy Undersecretary for Cybersecurity Mark Weatherford says. "We did not have the capacity to collaborate nearly as effectively as we do now."
In the last few months, major U.S. banking institutions have been victims of a powerful wave of distributed-denial-of-service attacks that combine three different attack tools. These "Triple Crown" attacks take DDoS to a whole new level. How can institutions improve their defenses?
Join this session for expert...
How are banks responding to DDoS phase 2? "From a technology standpoint, we have improved our defenses quite a bit," says Dan Holden of Arbor Networks. Experts discuss top DDoS lessons banks have learned.