Security

Financial Services Under More Frequent DDOS Attacks

The financial services industry saw nearly triple the number of distributed denial-of-service (DDOS) attacks during the first three months of this year compared to the same period last year, according to a report released Wednesday.

The new data comes from security vendor Prolexic, which counts ten of the world's major banks as clients for its DDOS mitigation services. In its report, the company said DDOS attacks also rose in intensity, with increases in both bandwidth and packet-per-second rates.

The average attack bandwidth rose from 5.2G bps (bits per second) in the last three months of 2011 to 6.1G bps in the first quarter of this year. But the average attack length of time dropped from 34 hours to 28.5 hours over the same periods, Prolexic said.

"The reduction in attack campaign duration, combined with an increase in mitigated bytes and packets, indicates that attackers are using shorter, stronger bursts of traffic to conduct DDOS campaigns," the company said.

Prolexic has a network of data centers that attack traffic intended for one of its clients is routed through and filtered.

More than 70 percent of the malicious attack traffic came from China. Two networks -- AS 4134, which belongs to China Telecom, and AS 4837, which belongs to China Unicom -- "take first and second place as the primary source of DDOS traffic," Prolexic reported.

"The most likely explanation for this behavior is the fact that Asia continues to see increased penetration of high-speed internet connectivity," the report said. "At the same time, the use of unpatched and pirated copies of Microsoft Windows is known to be prevalent within the Asia Pacific region."

Computers that lack up-to-date patches are more easily infected by malicious software, which can link the computer to other infected machines as part of a botnet that can be used for DDOS attacks.

To put in perspective the overall rise in DDOS traffic, Prolexic said it mitigated 9.5 petabytes of data for the first quarter of 2012, the same amount it handled during the whole of 2011. A petabyte is equal to 1,000 terabytes.

Send news tips and comments to jeremy_kirk@idg.com

Subscribe to the Security Watch Newsletter

Comments