DDoS attacks have always been the reliable weapon of choice for threat actors around the world. But as networks become more complex, DDoS attacks have become more sophisticated and malicious in the damage they cause, especially to a bank. For various reasons, ranging from ideological to simple greed, DDoS attackers seek to disrupt the activities of organizations, and sometimes even carry out ransom attacks.
Given the dramatic increase in DDoS attacks in recent years, with an increase of over 60%, many official reports predict that the total number of DDoS attacks in 2023 will exceed 15 million attacks, leaving organizations vulnerable. With DDoS-as-a-service subscriptions becoming more popular among threat actors, and can cost up to $500, it’s easy to launch a DDoS attack on vulnerable organizations around the world.
The dynamic nature of cloud environments and their associated workflows make it easier for threat actors to bypass protection services. Thus, DDoS operators continue to launch attacks that severely impact the organization’s uptime.
A bank is a prime target for DDoS attacks
In recent years, banks have been at the top of the list of DDoS targets, with several large DDoS attacks launched against leading global banks in early 2023. According to several official reports, the current average duration of a successful DDoS attack is over 50 hours, with several hours of official downtime .
For a bank, this is a decisive blow and may cause serious damages, both financial and reputational. In 2022, the UK’s FCA (Financial Conduct Authority) reported that 25% of reported cyber attacks were DDoS attacks, up from just 4% in 2021. 15% of organizations that suffered DDoS attacks lost millions.
Recently, 9 banks in Denmark suffered one hour of downtime in a coordinated DDoS attack. In that one hour of downtime, the banks lost well over $3 million, not taking into account remediation, reputational damage and possibly ransom payments. In April 2023, UPS suffered one hour of downtime following a DDoS attack and apparently lost about $6 million. **
Why is the bank targeted?
There is no doubt that banks are a desirable target for DDoS threat actors, and cyber security teams, as well as CISOs, are well aware of the risks. So why are they still suffering from damaging downtime and losses due to DDoS attacks?
First, we must take into account that the increase in DDoS attacks against banks begins with the acceleration of digitization to meet the needs of their customers. As online services become more complex on the one hand, and customers rely on them on the other, organizations lose visibility into their security posture, leaving them extremely vulnerable.
Banks and other global organizations purchase top-of-the-line DDoS protection services, believing they will be protected in the event of a DDoS attack. But these services are not always tested properly, and cannot be tested without downtime.
A revolution in DDoS security
The average DDoS vulnerability rate for organizations with defense systems is all over the place between 30-75%. DDoS protection providers are very good at stopping DDoS attacks, but only those they are aware of and know about.
Organizations remain vulnerable due to unknown attack vectors that evolve on a daily basis in direct response to ever-changing digital environments. So currently, most organizations are almost blind, while the average number of DDoS attacks per day is well over 23,000. Every minute we see more than 16 DDoS attacks launched somewhere in the world, most of them targeting the financial sector.
To move forward with the new approach of combating DDoS attacks, organizations must take proactive steps to build their DDoS resilience. No matter what protection service is deployed, the reality is that financial institutions are highly vulnerable to DDoS attacks and the only way to remain DDoS resistant is to adopt non-intrusive testing.
Organizations and their defense providers must perform Ongoing DDoS checks on live environments to uncover hidden vulnerabilities, prioritize their remediation, and verify that remediation has been performed correctly. The old way of protecting online services from DDoS attacks does not work. It is time to adopt the new approach from reactive to preventive to stay ahead of the threat curve.
** Conservative estimates, based on online damage calculators.
.
