Hacked Swedish Military Server Used in 2013 Financial Attacks

According to the Armed Forces, Swedish military computers were hacked and consequently used in an attack targeting major United States banks back in 2013.

The attack took out the websites 20 major U.S. banks and financial institutions, and in some cases, for several days. Military spokesman, Mikael Abramsson, claims a server within Sweden’s’ defense system had a flaw that was abused by hackers to carry out the malicious attacks.

The vulnerable servers were used in a DDoS attack that struck the websites of major banks like Citigroup, Capital One and HSBC with overwhelming requests for information. The attacks started back in 2012 and continued uninterrupted for months, warranting this breach the biggest ever reported at the time of the attack.

The attacks were initially blamed on Iran, claiming it was in retaliation for political sanctions and previous cyber-attacks on its own systems.

But Sweden is not solely to blame- various other vulnerable servers around the world were used to execute the attack, and together they created an internet traffic jam so powerful that it knocked the banks ‘offline’.

According to Abramsson, “The hacking attack was a kind of wake-up call for us and forced us to take very specific security steps to prevent such a thing from happening again.”

Conducting DDoS attacks and disabling an organization's web presence has become easier than ever before, however, this type of attack also remains one of the most difficult to defend against. According to NNT’s CTO, Mark Kedgley, “DDOS remains one of the most difficult attacks to defend against - by definition, the attack is perpetrated simultaneously from large numbers of devices including home and business users wherever a Trojan has been deployed. This makes the standard countermeasure for DDOS - blocking/blacklisting associated IP addresses - extremely hard.”

As these large attacks become increasingly common, it’s time to defend against DDoS! One route is to prevent the establishment of Botnets- this will require being malware-aware and abiding by best security practices. Once the botnets’ invoked, organizations should isolate the malware responsibly and get it removed before any damage is done.

For some helpful times on how to mitigate the damage done by a DDoS attack, see our How To Protect Yourself- DDoS Learning Curve Article

 

Read this article on Security Week

Cloud and Container Security
The Most Powerful & Reliable Cybersecurity Products

change tracker gen7r2 logo

Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.

FAST Cloud logo

Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)

vulnerability tracker logo

Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

log tracker logo

Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds

Contact Us

Corporate Headquarters

Netwrix
6160 Warren Parkway, Suite 100
Frisco, Texas, 75034

Phone 1: 1-949-407-5125

Phone 2: 888-638-9749 (toll-free)


[email protected]
 

United Kingdom

Netwrix
5 New Street Square
London EC4A 3TW

Phone: +44 (0) 203 588 3023


 [email protected]
Information
SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Now Certified IBM Security
Copyright 2024, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.