DDoS attacks targeting financial markets
Prolexic says attackers are using DDoS to manipulate financial markets
Cyber attackers are using Distributed Denial of Service (DDoS) attacks to try to influence financial markets and interfere with trading platforms, according to a new report from Prolexic Technologies.
The DDoS protection service provider has analysed nearly a dozen recent DDoS attacks which appear to have been attempts to manipulate financial markets. Prolexic has released a white paper, DDoS Attacks Against Global Markets, which details the attacks and the methods involved.
These attacks mark a significant change in the use of DDoS, the company said, which has typically been used in the past either as protest tactic or to extort money from targets.
"Typically, DDoS attacks are launched to fuel public discourse, or for revenge, extortion and blackmail - but that is changing," said Stuart Scholly, president of Prolexic. "During the past few years in particular, DDoS attack campaigns have posed a significant threat to the financial services industry, as well as other publicly traded businesses and trading platforms. As part of our DDoS attack forensics, we have uncovered a disturbing trend: Many of these malicious attacks appear to be intent on lowering the target's stock price or currency values, or even temporarily preventing trades from taking place."
The company identified two groups behind the most significant series of attacks, L0ngwave99, which targeted US securities and commodity exchanges, and al-Qassam Cyber Fighters (QCF) which also targeted US financial companies and institutions. The attacks were mainly politically motivated, and sought to damage the reputations of the businesses involved and cause them financial losses through preventing them from trading, rather than being attempts to manipulate markets for financial gain
"A few specific cyber-terrorist groups are responsible for most of these attacks. So far they have not been successful in bringing down an entire major marketplace," explained Scholly. "But DDoS attacks keep getting bigger, stronger, longer and more sophisticated, so we cannot be complacent. What's more, the risk goes beyond the actual outage - social media chatter and media coverage can amplify the perceived effect, disruption and damage caused by a cyber-attack campaign."
ACN is still looking for your input to our 2014 Security Behaviour Survey. Click the link to complete the survey and enter the draw to win an iPad Air.