GS Logo
The Green Sheet, Inc

Please Login

Banner Ad
View Archives

View flipbook of this issue

Care to Share?


Table of Contents

Lead Story

The $7.25 billion settlement proposal: What you need to know

News

Industry Update

New happenings at The Green Sheet

Kate Gillespie
The Green Sheet Inc.

Websites under fire for urging settlement rejection

U.K. rejects payment council for regulator

Virtual currency getting real world attention

Lawsuit claims user authentication patent infringement

Selling Prepaid

Prepaid in brief

Mobile wallets not catching on, yet

Prepaid prescribed for financial health

Views

Fed report shows mobile adoption soaring

Patti Murphy
ProScribes Inc.

Bud break in payments

Brandes Elitch
CrossCheck Inc.

Education

Street SmartsSM:
Paperwork in the digital age

Dale S. Laszig
Castles Technology Co. Ltd.

PII is not your mother's PCI

Ross Federgreen
CSR

Brobot strikes again

Nicholas Cucci
Network Merchants Inc.

Take command of consumer end-point devices

Mustafa Shehabi
PayCube Inc.

Stand out by being true to yourself

Jeff Fortney
Clearent LLC

Company Profile

National Processing Co.

New Products

Pocket-sized mobile printers

SM-S220i, SM-T300i
Star Micronics America Inc.

Reaching out to Level III clients

ePNBillPay with Level III Enhanced Data
eProcessing Network LLC

Inspiration

Use your emotions, not vice versa

Features

Get your message out, socially

Departments

Readers Speak

Resource Guide

Datebook

Skyscraper Ad

The Green Sheet Online Edition

April 22, 2013  •  Issue 13:04:02

previous next

Brobot strikes again

By Nicholas Cucci

A massive distributed denial of service (DDoS) attack stretched beyond major U.S. banks to three gaming sites during the third week of March 2013. This is thought to be the third phase of DDoS attacks that began against U.S. financial institutions in 2012 and have been attributed to Izz ad Din al-Qassam Cyber Fighters, which uses a group of botnets, called Brobot, to carry out the assaults.

A DDoS attack occurs when a third party hijacks a machine or network of machines to run botnets that flood a web service to cause a temporary outage and thereby deny access for its intended users. Botnets are programs connected via the Internet that communicate with one another to perform tasks; they can be used for good or ill.

According to the Financial Services Information Sharing and Analysis Center, U.S. financial institutions have been on "high" alert since September 2012. The New York Stock Exchange and several financial institutions were reportedly targeted in the first phase of Brobot attacks, which ended in October 2012.

A growing DDoS threat

In the past six months, banks have been making adjustments to their systems in an attempt to help fend off DDoS attacks. Phase two of the Brobot assault, which occurred during December 2012 and January 2013, reportedly targeted PNC Financial Services, U.S. Bancorp., JPMorgan Chase & Co., SunTrust Bank, Bank of America Corp., and Wells Fargo & Co., among others.

PNC reported a DDoS attack Dec. 20 that intermittently interrupted access to its website. Wells Fargo released a similar statement Dec. 19, as did BofA. None of them mentioned who might have orchestrated this attack.

In phrase three, Brobot is said to have already hit PNC, BB&T Corp., JPMorgan Chase, Union Bank and Capital One Financial Corp. The targeted institutions haven't commented on this, but blips in their systems were obvious. Consumers were unable to log into their accounts for a few days, and when they regained access, $0.00 was reflected in their bank accounts. Chase did post a message in each account stating "Limited Activity."

Industry spectators agree the DDoS attacks against banks are just the beginning, as evidenced by the recent inclusion of gaming sites among the targets. Some believe Brobot is growing larger and more capable with each attack. For example, Brobot can now attack multiple sites simultaneously, and with different variations of DDoS attacks on each.

Michael Smith, Senior Security Evangelist and DDoS specialist for web security provider Akamai Technologies, stated about phase three, "Two thirds of last week's traffic [has] been from previously unseen IP addresses. It could be a sign that Brobot is getting bigger." Experts have also posited that Brobot is gathering intelligence about U.S. financial institutions' security defenses.

What we can do to help

DDoS attacks can do great damage. By the time an attack is recognized, it has typically already overwhelmed its target. One well-known method for fighting DDoS attacks is the use of SYN Cookies for network efficiency.

Roy Derby, Certified Fraud Examiner of America's Bankcard Alliance, stated, "SYN cookies track incoming TCP connections which help reduce the flood to overwhelm the stack. DDoS attacks are extremely hard to defend but not impossible."

DDoS attacks aren't the only threat. Ongoing fraud-fighting training for merchants is more important now than ever.

To that end, ISOs and merchant level salespeople can assist their level 4 merchants by evaluating the extent of their Payment Card Industry (PCI) Data Security Standard (DSS) validation requirements; helping merchants obtain full PCI compliance, including the completion of self-assessment questionnaires; and explaining how POS terminals and PIN pads can be breached and what to look for, such as altered sticker seals, keypad overlays, pinhole video cameras, and unauthorized people claiming they need access to devices to service or replace them.

Nicholas Cucci is the Director of Marketing for Network Merchants Inc., a graduate of Benedictine University and a licensed Certified Fraud Examiner. Cucci is also a member of the Advisory Board and Anti-Fraud Technology Committee for the Association of Certified Fraud Examiners, as well as a member of the Electronic Transactions Association's Risk, Fraud and Security Committee. NMI builds e-commerce payment gateways for companies that want to process transactions online in real time anywhere in the world. Contact him at ncucci@nmi.com.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | Harbortouch | USAePay | IRISCRM.COM | Humboldt Merchant Services