Possible website attacks on small banks and credit unions on May 7
05/07/2013 08:10 am
The USA Today has more on a possible attack on financial institutions' websites. Don't be surprised if your bank or credit union website suddenly goes offline on Tuesday, May 7.
Consumer websites for the White House, FBI, and seven other federal agencies, along with 130 large and small banks and credit unions have been targeted by the hacking collective Anonymous for Distributed Denial of Service, or DDoS, attacks on Tuesday.
What's notable is that dozens of smaller banks and credit unions are on the target list, which has been
posted on Pastebin. And many may not be adequately defended, says Jerry Irvine, chief information officer at Prescient Solutions, a Chicago-based technology IT outsourcer.
The hacktivists' motive: backlash over what the attack organizers refer to as America's "war crimes."
The U.S. finance sector already has spent millions repelling DDoS attacks that are part of a months-long campaign, presumably by Iranian nationalists, determined to systematically harass U.S. financial institutions, as
CyberTruth has reported.
Tomorrow's planned caper does not appear to be connected to that campaign, says Irvine. CyberTruth asked Irvine to set the scene.
CT: How likely is it that Anonymous will attempt to carry out this DDoS attack?
Irvine: This is absolutely a real threat. Most attacks that have been publicized have been attempted. They are not always successful. However, there has been some malicious activity as a result of hacktivist threats.
CT: What do these attacks tell us about the current state of hacktivism?
Irvine: There have been a number of predefined hacks that have been absolutely tactical. They know small banks, businesses and governments are vulnerable because they typically don't get large funds for IT.
CT: Why should the average person be concerned?
Irvine: While on the surface denial of service attacks may seem more of an annoyance, this is a real risk. DDoS attacks are the gateway drug to other attacks. DDoS attacks weaken networks making them more vulnerable for other attacks. Identity theft or monetary loss could all be a result of just this one DDoS.
CT: What's the going forward concern?
Irvine: The big concern here is that it just gets worse. These attacks are the wave of the future, not a one-time occurrence, only we're not going to be told about other ones.
CT: Anything else?
Irvine: Prepare your infrastructures and systems to support any type of risk, whether it's Anonymous or a script kiddie.