U.S. Bank's website was recently hit with a Distributed Denial of Service (DDoS) attack allegedly perpetrated by Muslim hacktivists, according to InformationWeek. DDoS attacks have become a common tool for hacktivists, more as a way to draw attention to their cause than to actually leave long-lasting damage. Nonetheless, downtime can eat away at a company's profits, and a well perpetrated attack can cause serious problems.
The attack follows a similar problem that faced Wells Fargo earlier in the week, hinting at a trend of banks being the target of recent hacktivism. But these attacks are a new twist on an old method, according to the news source. For one thing, there is no reliance on a botnet, or a controlled network of computers, which can be shut down much more easily by a government. Instead, groups of volunteers are downloading easy-to-install scripts and programs that will repeatedly attempt to access a site, overloading the system and causing it to crash.
The problem with this approach is stopping it is much more meticulous. Instead of finding a single server, several different computers need to be shut down. However, such a tactic requires a large amount of coordination, which can help authorities find the source. The reports demonstrate the need for better security intelligence and new practices to shut down offending sources before they cause a problem. More websites are incorporating maximum refresh rates on each visitor in an attempt to combat DDoS and businesses are relying on more scalable options that can allow for much greater spikes in traffic without causing issues.
