Device Hardening and Continuous Compliance MonitoringCONTINUOUS COMPLIANCE

According to the Armed Forces, Swedish military computers were hacked and consequently used in an attack targeting major United States banks back in 2013.

The attack took out the websites 20 major U.S. banks and financial institutions, and in some cases, for several days. Military spokesman, Mikael Abramsson, claims a server within Sweden’s’ defense system had a flaw that was abused by hackers to carry out the malicious attacks.

The vulnerable servers were used in a DDoS attack that struck the websites of major banks like Citigroup, Capital One and HSBC with overwhelming requests for information. The attacks started back in 2012 and continued uninterrupted for months, warranting this breach the biggest ever reported at the time of the attack.

The attacks were initially blamed on Iran, claiming it was in retaliation for political sanctions and previous cyber-attacks on its own systems.

But Sweden is not solely to blame- various other vulnerable servers around the world were used to execute the attack, and together they created an internet traffic jam so powerful that it knocked the banks ‘offline’.

According to Abramsson, “The hacking attack was a kind of wake-up call for us and forced us to take very specific security steps to prevent such a thing from happening again.”

Conducting DDoS attacks and disabling an organization's web presence has become easier than ever before, however, this type of attack also remains one of the most difficult to defend against. According to NNT’s CTO, Mark Kedgley, “DDOS remains one of the most difficult attacks to defend against - by definition, the attack is perpetrated simultaneously from large numbers of devices including home and business users wherever a Trojan has been deployed. This makes the standard countermeasure for DDOS - blocking/blacklisting associated IP addresses - extremely hard.”

As these large attacks become increasingly common, it’s time to defend against DDoS! One route is to prevent the establishment of Botnets- this will require being malware-aware and abiding by best security practices. Once the botnets’ invoked, organizations should isolate the malware responsibly and get it removed before any damage is done.

For some helpful times on how to mitigate the damage done by a DDoS attack, see our How To Protect Yourself- DDoS Learning Curve Article

 

Read this article on Security Week

Products
USA Offices
New Net Technologies Ltd
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
201 17th Street, Suite 300
Atlanta, Georgia, 30363.

Tel: 1-888-898-0674
emailUSinfo@nntws.com
UK Office
New Net Technologies Ltd
Spectrum House, Dunstable Road
Redbourn,
St Albans

Herts
AL3 7PR

Tel: 08456 585 005
Fax: 08456 122 031
emailinfo@newnettechnologies.com
NNT Newsletter
Sign up to receive our monthly newsletter covering breaking security news, how-to-tips, trends and commentary directly to your inbox.


Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
Copyright 2017, New Net Technologies Ltd. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies Ltd.
All other product, company names and trademarks are the property of their respective owners.