According to the Armed Forces, Swedish military computers were hacked and consequently used in an attack targeting major United States banks back in 2013.
The attack took out the websites of 20 major U.S. banks and financial institutions, in some cases for several days. Military spokesman Mikael Abramsson claims a server within Sweden’s defense system had a flaw that was abused by hackers to carry out the malicious attacks.
The vulnerable servers were used in a DDoS attack that struck the websites of major banks like Citigroup, Capital One and HSBC with overwhelming requests for information. The attacks started back in 2012 and continued uninterrupted for months, making this breach the biggest ever reported at the time of the attack.
The attacks were initially blamed on Iran, with claims that they were in retaliation for political sanctions and previous cyber-attacks on its own systems.
But Sweden is not solely to blame: various other vulnerable servers around the world were used to execute the attack, and together they created an internet traffic jam so powerful that it knocked the banks ‘offline’.
According to Abramsson, “The hacking attack was a kind of wake-up call for us and forced us to take very specific security steps to prevent such a thing from happening again.”
Conducting DDoS attacks and disabling an organization's web presence has become easier than ever before. However, this type of attack also remains one of the most difficult to defend against. According to NNT’s CTO, Mark Kedgley, “DDOS remains one of the most difficult attacks to defend against - by definition, the attack is perpetrated simultaneously from large numbers of devices including home and business users wherever a Trojan has been deployed. This makes the standard countermeasure for DDOS - blocking/blacklisting associated IP addresses - extremely hard.”
As these large attacks become increasingly common, it’s time to defend against DDoS! One route is to prevent the establishment of botnets; this will require being malware-aware and abiding by best security practices. Once the botnet is invoked, organizations should isolate the malware responsibly and get it removed before any damage is done.