Hacktivists strike U.S. Bank with volunteer-powered DDoS

U.S. Bank's website was disrupted on Wednesday in a people-powered distributed denial of service (DDoS) attack, launched by a group of Islamic hacktivists who have claimed responsibility for similar cyberattacks against four other banks in the U.S.

The attack involved hundreds of thousands of computers sending an overwhelming number of requests that downed the site for roughly an hour, starting at around 3:30 Pacific, said Atif Mushtaq, a security researcher at FireEye who has been monitoring the attack.

The disruption of U.S. Bank's website comes one day after a similar attack against Wells Fargo & Co. The group has taken credit for other attacks that occurred last week, against Bank of America, JPMorgan Chase and Citigroup.

A representative of U.S. Bancorp, which operates as U.S. Bank, confirmed it was under attack. "We apologize that some customers experienced intermittent delays today on our website. We have been working hard to restore full connectivity," the spokeswoman said.

"We are asking customers who are experiencing issues with our online or mobile sites and have an urgent banking need to please call us at 1-800-US-BANKS, or stop by one of our branches," she said.

She said the issues were "related to unusual and coordinated high traffic volume designed to slow down the system -- similar to what other banks have experienced in the past week."

"We are working closely with federal law enforcement officials to address the issue. In the meantime, we can assure customers that their data and funds are secure," the spokeswoman added.

A new twist on DDoS

Rather than launch the attack from a network of compromised machines, called a botnet, the attackers are apparently using volunteers, Mushtaq said. Participants go to either one of two file-sharing sites and download a program written in a scripting language. Once the program is running, a person only has to click on a "start attack" button to send continuous requests to the target's website.

This method makes it more difficult for authorities to stop the attack, because there are no control servers. "They know [servers] can be blocked very easily," Mushtaq said.

The group calling itself "Mrt. Izz ad-Din al-Qassam Cyber Fighters" had said on a Pastebin post that it would attack Wells Fargo on Tuesday, U.S. Bank on Wednesday and PNC Financial Services Group on Thursday.

DDoS attacks, which experts say banks can only hope for best with, are considered crude because they do not require any sophisticated technology, just a large enough network of computers to overwhelm a site. Banks the size of the ones under attack would have to be hit by a network of hundreds of thousands of computers in order to disrupt their sites, Mushtaq said.

The use of volunteers launching attacks from their own computers makes it difficult for banks to separate traffic and redirect the DoS requests, Mushtaq said. "There's no way you can distinguish between the benign traffic and this DDoS traffic," Mushtaq said. "It's simply mixed up."

The group claiming to be behind the attacks indicated in the Pastebin post that it was in retaliation for the video trailer denigrating the Prophet Muhammad. The amateurish YouTube video made in the U.S. has sparked violent protests in the Middle East and other regions.

Join the CSO newsletter!

Error: Please check your email address.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Antone Gonsalves

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place