CSO Online – (International) Bank attackers more sophisticated than typical hacktivists, expert says. The hackers who said they were behind cyberattacks that disrupted the online operations of several U.S. banks the week of September 24 had technical firepower that went beyond the typical hacktivist, said one security expert. Experts debated the methods used in cyber-assaults on Wells Fargo, U.S. Bank, and PNC Bank, each struck on separate days, CSO Online reported September 28. The senior security evangelist at Akamai said the banks‘ Web servers were hit by as much as 65 gigabits of traffic per second, roughly as much as 60 times greater than the typical denial of service attack launched by hactivists. Also, the attackers used a single toolkit in building the programs that sent mostly junk data over the Internet to the banks‘servers, he said. Hactivists typically use multiple toolkits running programs spread across compromised computers and systems of sympathizers. The attack traffic Akamai confronted was fairly uniform, he said. This does not happen with a hacktivist mob. A security researcher for FireEye who monitored the attack traffic has said he believes it was generated on hundreds of thousands of computers, many of which were likely owned by sympathizers of the attackers recruited through Web sites and social networks. He stuck by his people-powered theory, but agreed the attackers could have used a combination of servers and personal computers, some compromised and some belonging to sympathizers.
Ali Loney, on September 28, 2012