Pending Cyberattacks on U.S. Banks

Recently, the Fraud Action Research Lab at RSA, released information pertaining to an impending cyber attack targeting 30 U.S. based banks. The orchestrators of the attack are actively recruiting upwards of 100 botmasters to help unleash their nefarious plot. In a nutshell, the intended attack will probably be large, with multiple coordinated and timed efforts from around the world. The attack is expected to occur sometime in the next 30 to 60 days. As of yet, RSA has not disclosed the potential targets. In reality, if your bank is not targeted today, it does not mean it will not be targeted tomorrow. But until we see “the list” you as the computer user and/or potential target do not have to live in fear.

One of the motivating theories behind the attack is to take advantage of the weak state of security surrounding banks, specifically U.S. banks. Solutionary highly recommends banks review authentication procedures for wire transfers. If not already in compliance with Federal Financial Institution Examination Council (FFIEC) requirements, getting in compliance is a great start. For additional information refer to: Authentication in an Internet Banking Environment

Since the attack will probably directly or indirectly result in a distributed denial of service attack (DDOS), people should also have a plan of action. Review fellow Solutionary blogger Doug Picotte's blog discussing DDOS and its counter measures.

Some of you may be thinking, “this does not apply to me since I am not a bank or credit union.” Sorry to break the news to you, but it really does apply to you. Botnets are composed using computers from anywhere, anyone, in all walks of life. Sure, this attack could be using computers from a specific source, but without knowing for sure it’s not worth the gamble. As a precaution, ensure your systems are patched and the anti-virus is updated. Also be mindful of your emails. Unsuspected people become infected every day with Trojan Horses and other malware just by clicking a seemingly harmless link. Below is a list of some of the telltale signs malware maybe running on your computer.

Signs of trouble include:

• Unknown outgoing connections to specific sites, not initiated by the user
• Sites that claim to be loading, but never do, or the browser crashes
• Unusual system performance
• Downloaded something and then it’s gone
• Opening a browser for a site somehow ends up with you on a completely different site or with additional browser windows opening
• Delays in system startup and/or shutdown
• Failures in antivirus updates or scans (like “did not run”)

As indispensable as it has become, the Internet can be a scary and sometimes dangerous place. But practicing caution and situational awareness can help keep us from many of its dangers. The forewarning of the attack was meant to let the industry know that something may be coming and if you have not already done so, take proper precautions in the event something does happen. There is no perfect answer or solution for preparing or preventing something bad from happening but proper preparation can help level the playing fields when you’re staring in the face of danger.