According to new independent research commissioned by Corero Network Security, and conducted by the Ponemon Institute, two thirds of banks in the United States have suffered a Distributed Denial of Service (DDoS) attack during the last 12 months. The 64% statistic refers to the number of IT and IT security practitioners who reported that the banks at which they work were subject to at least one DDoS attack during 2012.

dweb-banks The research questioned 650 IT and IT security professionals working at a total of 351 banks, including some of the biggest in the world, and the sadly not at all surprising conclusion was that these DDoS attacks will continue, or 'significantly increase' during 2013 according to 78% of them.

With 48% of the banks concerned having been targeted multiple times during the course of 2012, the IT security professionals also admitted that Zero-Day attacks targeting previously unknown vulnerabilities were also hitting banks hard. Insufficiently experienced staff, along with ineffective security technology such as traditional firewalls (deployed by 35% of banks), were cited as the main barriers preventing the banks from being able to deal with these attacks more efficiently in 50% of cases. A lack of funding for security was the third most cited cause for concern.

"It really comes as no surprise that DDoS attacks are one of the most severe security risks cited by the banking industry and these results clearly demonstrate the level to which they are being targeted on a continued basis” said Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute. “When such an attack occurs, the time and efforts of IT staff are devoted to dealing with the problem instead of managing other IT operational and security priorities. This leaves financial institutions open to more dangerous attacks that further compromise their infrastructure”

Votes + Comments
Nice Article!

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

5 Years
Discussion Span
Last Post by LastMitch

A lack of funding for security was the third most cited cause for concern.

That is BS and it's not a excused at all.

The Banks being charging fees left and right on from accounts to loans to other products,

For the Banks saying that is unacceptable and lame.

The sad part is that the Banks get away with a lot of things.

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.