Avivah Litan

A member of the Gartner Blog Network

Avivah Litan
VP Distinguished Analyst
12 years at Gartner
30 years IT industry

Avivah Litan is a Vice President and Distinguished Analyst in Gartner Research. Her area of expertise includes financial fraud, authentication, access management, identity proofing, identity theft, fraud detection and prevention applications…Read Full Bio

Coverage Areas:

DDOS attacks against U.S. Banks continue – linkages explored

by Avivah Litan  |  October 9, 2012  |  1 Comment

The latest DDOS attack today against Cap One, which hactivists pre-announced, may be followed by attacks against two other preannounced (on Pastebin) hacktivist attacks against U.S. regional banks. I personally take these very seriously. In speaking with others closer to the situation, it appears the hacktivists are voluntarily stopping their attacks and taking breathers so that they don’t get caught. The authorities know which compromised servers are used to lob the mega payloads against the banks, but they haven’t yet identified or located the individuals conducting the attacks.

One highly respected researcher says there is direct evidence that the same tools used in January 2012 to take the Israeli stock exchange and El Al airlines websites down are being used for these DDOS attacks. And those attacks against the Israeli companies were publicly praised by Hamas leaders. No doubt, they are hiring English speaking experts for the ‘technical details.’

So is there fraud against accounts at these banks under siege? There are anecdotal accounts of fraud getting through their call centers, where call volume ratchets up tremendously during the attacks when web applications are unavailable, and more ‘untrained’ call center staff are put to work to help handle the volume. The bad guys socially engineer or lie their way through the identity proofing processes, and are able to get wire transfers executed over the phone. Call center security is much weaker than web security. Now would be a good time to change that.

1 Comment »

Category: Uncategorized     Tags:

1 response so far ↓

  • 1 Ann   October 11, 2012 at 12:05 am

    thanks