The latest DDoS attack today against Cap One, which hacktivists pre-announced, may be followed by two other hacktivist attacks, also pre-announced (on Pastebin), against U.S. regional banks. I personally take these very seriously. In speaking with others closer to the situation, it appears the hacktivists are voluntarily stopping their attacks and taking breathers so that they don’t get caught. The authorities know which compromised servers are used to lob the mega payloads against the banks, but they haven’t yet identified or located the individuals conducting the attacks.
One highly respected researcher says there is direct evidence that the same tools used in January 2012 to take the Israeli stock exchange and El Al airlines websites down are being used for these DDoS attacks. And those attacks against the Israeli companies were publicly praised by Hamas leaders. No doubt, they are hiring English-speaking experts for the ‘technical details.’
So is there fraud against accounts at these banks under siege? There are anecdotal accounts of fraud getting through their call centers, where call volume ratchets up tremendously during the attacks when web applications are unavailable, and more ‘untrained’ call center staff are put to work to help handle the volume. The bad guys socially engineer or lie their way through the identity proofing processes, and are able to get wire transfers executed over the phone. Call center security is much weaker than web security. Now would be a good time to change that.