Lloyds Bank was forced to go offline after a 48-hour Distributed Denial of Service (DDoS) attack crippled its systems and blocked access to 20 million UK accounts.
The DDoS attack went on for about 2 days, from January 11 to January 13, as Lloyds, along with Halifax and Bank of Scotland, was bombarded with millions of fake requests designed to bring their systems to a standstill. The attack only affected the availability of services, and no customers suffered any financial loss.
In a DDoS attack, online systems are flooded with huge amounts of data in the hope of overloading the site and taking services offline. This form of attack is generally conducted by hired competitors, hacktivists, or other interest groups. It is important to note that DDoS attacks have been used in the past to hide other malicious activity going on within an organization's IT estate.
Lloyds has declined to comment on this issue, claiming, “We experienced intermittent service issues with internet banking between Wednesday morning and Friday afternoon the week before last and are sorry for any inconvenience caused. We had a normal service in place for the vast majority of this period and only a small number of customers experienced problems. In most cases, if customers attempted another login they were able to access their accounts. We will not speculate on the cause of these intermittent issues.”
This DDoS attack comes just months after the Tesco Bank attack that left 9,000 Tesco customers with £2.5 million in fraudulent transactions. Shortly after that attack, the UK banking sector enacted contingency plans that enable members to share critical intelligence information in the hope of preventing these kinds of disruptive and damaging attacks.
Those affiliated with the financial industry should be well versed in Sarbanes-Oxley (SOX) compliance and what needs to be done to achieve, prove and remain compliant. SOX requires an organization to establish internal controls and procedures for financial reporting in an effort to reduce corporate fraud. This means your IT estate (servers, networks, and IT practices and operations) must be reinforced and configured to maintain and demonstrate compliance in the event of an audit. NNT’s Change Tracker Gen7 ensures IT systems are protected from fraud, with requisite audit trails provided to prove system integrity has been maintained, followed by systems hardening and provisioning on a strict ‘principle of least privilege’ basis.
Read this article on The Guardian