Monday, 23 January 2017

Lloyds Bank hack: 'DDoS attack' disrupts bank's online services

Reports claim firm was targeted by an international hacker group

LLOYDS BANK has suffered a distributed denial of service (DDoS) attack that has knocked its online services offline. 

Customers took to on the  Downdetector to complain that they were unable to reach the bank's website between 11 January and 16 January,  and since, reports have emerged that an international hacker group may have targeted the firm.

Refusing to confirm or deny the reports of a DDoS attack, which were originally reported by the FT quoting unnamed sources, a Lloyds spokesperson told the IBTimes: "We experienced intermittent service issues with internet banking between Wednesday morning and Friday afternoon the week before last and are sorry for any inconvenience caused. 

"We had a normal service in place for the vast majority of this period and only a small number of customers experienced problems. In most cases if customers attempted another log-in they were able to access their accounts. We will not speculate on the cause of these intermittent issues."

In November, Tesco Bank was hacked with thousands of customers having funds drained from their accounts, monies that were later refunded. However, there is no suggestion that something similar has occurred in this case.

DDoS attacks have become an increasingly popular tool in the cyber criminals' armoury, and have grown massively in power as more and more devices go online that can be co-opted into botnets. The most powerful DDoS attack ever recorded took down web hosting company OVH last year, apparently the result of a feud among server hosts for the online game Minecraft.

Whatever the truth behind the Lloyds reports, the security industry has been quick to respond.

"DDoS attacks are nothing new," said Emily Orton, co-founder and director at security vendor Darktrace. "But this one on Lloyds Bank follows hot on the heels of the Tesco Bank hack - and was seemingly active over two days. It begs the question: are financial institutions doing enough to defend their networks?"

Ilia Kolochenko, CEO of High-Tech Bridge added: "This case should be thoroughly and urgently investigated, as quite often DDoS attacks are used by professional black hats to distract IT security teams and cover massive data breaches. DDoS attacks are quite simple to organize, but very difficult and expensive to mitigate." µ

No comments:
Write comments