DDoS attacks have always been the reliable weapon of choice for threat actors worldwide. But as networks become more complex, DDoS attacks have become more sophisticated and malicious in the damage they inflict, especially on a bank. For reasons ranging from ideology to plain greed, DDoS attackers seek to disrupt organizations’ activity, and sometimes even perform ransom attacks.
Given the dramatic rise of DDoS attacks in recent years, with an increase of over 60%, many official reports predict the total number of DDoS attacks in 2023 will surpass 15 million, leaving organizations vulnerable. With DDoS-as-a-service subscriptions, which can cost as little as $500, becoming more popular among threat actors, it is easy to launch a DDoS attack on vulnerable organizations worldwide.
The dynamic nature of cloud environments and the workflows that accompany them make it easier for threat actors to bypass protection services. Thus, DDoS perpetrators continue to launch attacks that severely impact an organization’s uptime.
A Bank is a Leading Target For DDoS Attacks
In recent years, banks have been at the top of the list of DDoS targets, with several major DDoS attacks launched against leading global banks in early 2023. According to several official reports, the current average duration of a successful DDoS attack is over 50 hours, with several hours of official downtime.
For a bank, this is a crucial blow and can cause severe damage, both monetary and reputational. In 2022, the UK’s FCA (Financial Conduct Authority) reported that 25% of the cyberattacks reported were DDoS attacks, compared to only 4% in 2021. Of the organizations that suffered DDoS attacks, 15% lost millions.
Recently, 9 banks in Denmark suffered one hour of downtime in a coordinated DDoS attack. In that single hour of downtime, the banks lost well over $3 million, without taking into account remediation, reputational damages, and perhaps ransom payments. In April of 2023, UPS suffered one hour of downtime following a DDoS attack and presumably lost around $6 million. **
Why is the Bank Targeted?
There is no doubt that banks are a coveted target for DDoS threat actors, and cybersecurity teams, as well as CISOs, are well aware of the risks. So, why do they still suffer damaging downtime and losses due to DDoS attacks?
First, we must take into account that the surge in DDoS attacks against banks begins with the acceleration of digitization to answer their customers’ needs. As online services become more complex on the one hand, and clients rely on them on the other, organizations lose visibility into their security posture, leaving them extremely vulnerable.
Banks and other global organizations purchase top-of-the-line DDoS protection services, believing they will protect them in case of a DDoS attack. But these services are not always tested adequately, and they cannot be tested without downtime.
A Transformation in DDoS Security
The average DDoS vulnerability rate for organizations with protection systems is anywhere between 30% and 75%. DDoS protection vendors are very good at stopping DDoS attacks, but only the ones they are aware of.
Organizations are left vulnerable due to unknown attack vectors that evolve on a daily basis in direct response to ever-changing digital environments. So, currently, most organizations are practically flying blind, while the average number of DDoS attacks per day is well over 23,000. Every minute, more than 16 DDoS attacks are launched somewhere in the world, most of them targeting the financial sector.
To move to the new approach to battling DDoS attacks, organizations must take proactive steps to build their DDoS resilience. No matter which protection service is deployed, the reality is that financial institutions are highly exposed to DDoS attacks and the only way to remain DDoS resilient is to adopt non-disruptive testing.
Organizations and their protection vendors must perform continuous DDoS testing on live environments to uncover hidden vulnerabilities, prioritize their remediation, and validate that the fixes were performed correctly. The old way of protecting online services against DDoS attacks does not work. It is time to embrace the shift from a reactive to a preemptive approach in order to stay ahead of the threat curve.
** Conservative estimates, based on online damage calculators.