More DDoS attacks will be application based: Gartner

A new class of distributed denial of service (DDoS) has emerged and targeted US banks, says analyst firm.

Gartner US distinguished analyst Avivah Litan.

Gartner US distinguished analyst Avivah Litan.

Hackers are adapting distributed denial of service (DDoS) attacks and combining these with social engineering tactics to try and infiltrate banks, warns Gartner.

According to Gartner's new report called Arming Financial and E-Commerce Services against Top 2013 Cyberthreats, 25 per cent of DDoS attacks to take place this year will be application based.

Gartner said hackers send out targeted commands which put strain on the central processing unit (CPU) and make the application unavailable.

Hackers use DDoS attacks primarily to distract security staff so that they can steal information or money from accounts, the analyst firm said.

How to report a cyber threat to Australian police

How to prepare for a hacktivist attack

Security threats explained: Social engineering

According to Gartner US distinguished analyst Avivah Litan, this new class of application based DDoS attacks were first targeted against banks in the United States during the second half of 2012.

“These attacks sometimes added up to 70 gigabits per second [Gbps] of noisy network traffic blasting at the banks through their Internet pipes,” she said in a statement.

“Until this recent spate of attacks, most network-level DDoS attacks consumed only five Gbps of bandwidth, but more recent levels made it impossible for bank customers and others using the same pipes to get to their websites.”

To combat this risk, Litan said financial services organisations should look at network configurations and re-architect these configurations to minimise the damage.

For example, the companies should employ a layered approach that combines multiple DOS defences.

“Gartner advocates co-operation with industry associations to share intelligence that can be acted on collectively and quickly, as well as enterprise investments in fraud prevention technology and the strengthening of organisational processes,” she said.

Social engineering

Turning to the social engineering aspect of these new attacks, Gartner’s cyber threats report included examples of criminals who have approached people posing as law enforcement agents or bank officers to help them through account migration. The people’s bank accounts were then compromised by the criminal.

“Gartner recommends deploying layered fraud prevention and identity-proofing techniques to help stop the social engineering attacks from succeeding,” Litan said.

“In particular, fraud prevention systems that provide user or account behavioural profiling and entity link analysis are useful in these cases.”

According to Litan, call centre call analytics and fraud prevention software can be deployed to help catch fraudsters committing crimes via social engineering or by using stolen identities.

In addition, banks should educate customers about best security practices to help them avoid phishing attacks and social engineering ploys.

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU, or take part in the Computerworld conversation on LinkedIn: Computerworld Australia

Join the CSO newsletter!

Error: Please check your email address.

Tags DDoS attacksGartnerAvivah Litandistributed denial of service (DDoS)social engineering

More about Gartner

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Hamish Barwick

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place