Are the ongoing DDoS attacks against U.S. banks just the calm before the storm?

That’s a viable hypotheses after hearing that the attackers only used one third of the bandwidth they had staged for their latest round of attacks against U.S. banks last Tuesday. Reportedly, on Tuesday the total size of the DDoS attack was 190 gigabits at one time, with the largest attack against a single bank at 110 gigabits.

Interestingly, the attackers could have easily done even more damage but they chose not to. 9200 bots were identified as attack-capable but the total number of bots actually involved in sending the DDoS traffic to the banks numbered only about 3200. The other 6000 bots sat there doing nothing.

Also reportedly no single bot was used to attack more than one bank. So different bots were allocated for different banks, which is very different than the attack strategy employed when this whole thing started where all 3000 bots were used to attack all the banks that were targeted.

Shifting cyberwar strategies. I wonder what’s going on on the U.S. side. I wonder if the U.S. government is about to launch a counterattack. This whole mess could get a lot messier. It seems to me like an unending losing battle for more bandwidth. We need a paradigm shift in how we secure our websites.

In the meantime, check your bank balance often and try to keep it as low as possible 🙂 While the possibility of fraud against it is still very low, there are increasing reports of fraud associated with the lower level (bandwidth) DDoS attacks that are also being launched, presumably by a different gang than those conducting the high bandwidth DDoS attacks.