The Fraud Examiner
The Evolving Threat of DDoS Attacks
What CFEs and their organizations should know about zombie armies and robot networks
By Zach Capers, CFE
As the 2012 holiday season was wrapping up, several major banks including Wells Fargo, PNC and Bank of America were busy defending their websites against online distributed denial of service (DDoS) attacks. For several weeks, the assailants, known as the Izz-ad-Din al-Qassam Cyber Fighters, have been bombarding U.S. online banking sites with data in an effort to knock them offline and prevent legitimate customers from accessing their accounts. The group has promised to continue the DDoS attacks until an incendiary video that was recently posted online is removed from the Internet.
Perhaps the most prominent DDoS attacks have been executed by the infamous hacker collective known as Anonymous. In recent years, the group has conducted several high-profile DDoS attacks on financial institutions, web-hosting companies and government websites. Anonymous uses the attacks to draw publicity to its causes, such as perceived injustices and censorship. While the DDoS attacks by Anonymous appear to be strictly political in nature, cybercriminals might use DDoS attacks for other purposes, including the commission of fraud.
Motivations for DDoS Attacks
Ideology – The most commonly recognized motivations for DDoS attacks are spawned by political fervor. Ideological hackers, or hacktivists, often target government agencies and companies involved in controversial industries. In late 2010, several credit card companies were temporarily taken offline by DDoS attacks launched by groups sympathetic to WikiLeaks, which had just had its credit services suspended.
Extortion – Companies might receive a demand for payment in order to avoid having their websites knocked offline by DDoS attacks. A similar tactic is the increasingly pervasive use of ransomware, which infects a computer, locks it and displays a message threatening that the user’s files will be deleted if a payment is not received.
Competition – DDoS attacks might be carried out in order to disrupt a competing organization’s online services. These attacks can inflict significant damage to the reputation and finances of companies that primarily conduct their business online.
Fraud – DDoS attacks are now being used as a tool to aid in fraud. While an organization’s technical personnel are distracted by a DDoS attack, fraudsters might simultaneously attempt to access customer accounts and other sensitive information. In December of 2012, the U.S. Office of the Comptroller of the Currency issued an alert detailing the connection between fraud and DDoS attacks on financial institutions.