Recent spate of cyberattacks on the U.S. bank websites is an ample proof that the hackers employed sophisticated and diverse tools, including botnet that created a coordinated campaign against the financial services institutions.
The websites of several banks, including Bank of America Corp, JPMorgan Chase & Co, Wells Fargo & Co, U.S. Bancorp and PNC Financial Services, were crippled with access issues. Faced with unusually high traffic, the websites crashed down, Reuters has reported.
The botnet attacks and sophisticated tools attack seem to emphasize a recent study done by web security firm Blue Coat, which has found that malicious cyberattacks spread by malware networks have grown 300 percent in 2012 thus far, according to the Register.
Though no money was removed from the accounts, an untold number of customers were not able to pay bills or transfer money from computers, leaving the banks with remediation expenses and customer irritation.
Apparently, the hackers employed compromised computers, often referred to as botnets that are inexpensive, to rent for short period. Botnets are made up of web servers that are taken over instead of mere computers.
"It's fairly large, but it's something financial institutions are accustomed to dealing with," Doug Johnson, vice president of the American Bankers Association trade group, told Reuters.
Sources familiar with bank attacks have told Reuters that they are part of a year-long cyber campaign waged by the Iranian hackers against the major U.S. financial institutions and other corporate entities.
The recent attacks seem to have generated 30 million electronic packets per second against the websites that overpowered the banks and additional technical resources moved into place to counter the attacks.
Scott Hammack, chief executive of Prolexic Technologies, which specializes in warding off "denial of service attacks,” told Reuters that sheer volume "would overwhelm almost anyone, including large telecommunications companies."
Prolexic's clients include several of the biggest banks though Hammack declined to name them.
Experts said high-volume denial-of-service attacks are common even before the latest bank assaults and would continue to increase in sophistication as well.
"This entire episode speaks to the need for banks, or any business operating online, to be prepared for this type of availability attack," Dan Holden, director of research at security firm Arbor Networks, told Reuters.
The Register also noted that Aleuron, a new botnet, witnessed a 517 percent increase in its activity, making it the most active botnet in the wild.