Even hacktivists need to take a holiday, it seems, so American banks may get a much-appreciated break this week from the recent onslaught of Distributed Denial of Service (DDoS) attacks that have had the financial sector on high alert since last month.
Izz ad-Din al-Qassam Cyber Fighters, the Islamic extremist group who have claimed responsibility for the series of attacks that resulted in intermittent website downtime for at least ten institutions, announced in a Pastebin post that they will temporarily suspend their campaign in honor of the Muslim celebration Eid al-Adha.
The group also indicated they will be entertaining offers from media outlets for an exclusive interview with the intent to better explain their motivations for the attacks, which are understood to be in protest of a controversial YouTube video which mocks the prophet Mohammed.
“Due to approaching Eid al-Adha and to commemorate this breezy and blessing day, we will stop our attack operations during the next days. Instead, we are going to have an interview with one of the American media and press about our ideas and positions,” the group stated.
Last week HSBC, Ally and BB&T confirmed they were the latest banks to be targeted by the DDoS attacks, joining previous victims which include Wells Fargo, US Bank, PNC, Bank of America, JPMorgan Chase, Capital One, Suntrust Bank and Regions.
Rampant speculation on the actual source of the attacks continues, with some like Senator Joseph Lieberman and PNC Bank CEO James Rohr accusing the Iranian government of being behind the campaign, while the more conspiracy-minded types are asserting that the attacks are actually part of a false flag operation orchestrated by the U.S. and Israel to enlist international support for military action against the Iranians.
Other sources believe the attacks are a diversionary tactic being used by Russian crime syndicates who are attempting to conceal a “mega-heist” employing malware disseminated through an email-based spear-phishing operation aimed at facilitating fraudulent wire transfers.
Even the infamous rogue movement Anonymous has made a play for headlines with unsubstantiated claims that its minions were actually responsible for the DDoS hit against HSBC, as seen in tweets from @FawkesSecurity and in a YouTube video. Though they declined to provide a rationale for the attack, the group alleges it is now in possession of as many as 20,000 debit card account details stolen from HSBC.
Regardless of who is actually behind the campaign, defending against DDoS attacks can be difficult. The tactic is favored by hacktivists because it is generally low-tech and simple to carry out. Network-layer DDoS attacks usually involve a barrage of data directed at a web server at such high frequency that it causes disruptions for the targeted website.
As a defense measure against DDoS attacks and other malicious forms of web traffic, organizations can deploy a first-line-of-defense appliance behind the router and in front of the firewall to filter unwanted traffic before it ever reaches the network. This in turn eliminates the need for multiple load balancers and servers and reduces the overall volume of data logged by monitoring systems.