According to new independent research commissioned by Corero Network Security, and conducted by the Ponemon Institute, two thirds of banks in the United States have suffered a Distributed Denial of Service (DDoS) attack during the last 12 months. The 64% statistic refers to the number of IT and IT security practitioners who reported that the banks at which they work were subject to at least one DDoS attack during 2012.
The research questioned 650 IT and IT security professionals working at a total of 351 banks, including some of the biggest in the world, and the sadly not at all surprising conclusion was that these DDoS attacks will continue, or 'significantly increase' during 2013 according to 78% of them.
With 48% of the banks concerned having been targeted multiple times during the course of 2012, the IT security professionals also admitted that Zero-Day attacks targeting previously unknown vulnerabilities were also hitting banks hard. Insufficiently experienced staff, along with ineffective security technology such as traditional firewalls (deployed by 35% of banks), were cited as the main barriers preventing the banks from being able to deal with these attacks more efficiently in 50% of cases. A lack of funding for security was the third most cited cause for concern.
"It really comes as no surprise that DDoS attacks are one of the most severe security risks cited by the banking industry and these results clearly demonstrate the level to which they are being targeted on a continued basis" said Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute. "When such an attack occurs, the time and efforts of IT staff are devoted to dealing with the problem instead of managing other IT operational and security priorities. This leaves financial institutions open to more dangerous attacks that further compromise their infrastructure"