A significant distributed denial-of-service (DDoS) attack aimed at a prominent American financial institution was detected and prevented by cybersecurity company Akamai Technologies. Although the organisation's name remains undisclosed, Akamai has described it as 'one of the biggest and most influential U.S. financial institutions'. DDoS attacks are notorious for overwhelming websites with a deluge of traffic, rendering them temporarily inaccessible to users.
This particular attack was detected on Tuesday, peaked at a staggering 633.7 gigabits per second (Gbps) of traffic, and lasted less than 2 minutes. Remarkably, it did not harm or disrupt the targeted financial institution's services, thanks to its comprehensive cyberdefence posture. Under normal circumstances, nearly all of the legitimate traffic to the company's website originates from within the United States. During the attack, however, malicious traffic emanated from various corners of the world, including Bulgaria, Brazil, China, India, Thailand, Russia, Ukraine, Vietnam, and Japan.
Had this massive attack not been successfully mitigated, it could have caused severe disruptions to the financial institution's essential web systems, as highlighted by Akamai. Notably, the company refrains from attributing attacks to specific cybercriminal groups to avoid granting undue publicity to these wrongdoers. No hacker group has claimed responsibility for the attack, especially since it was unsuccessful, so the attackers' identity remains unknown.
This incident underscores a concerning trend. Akamai has observed a substantial surge in DDoS attacks against financial services since 2021. Over the past year, more than 30% of the DDoS attacks detected by the company have targeted financial services. Furthermore, this recent DDoS attack not only targeted a major US-based financial institution but also took aim directly at its primary web landing page with the clear intent of disrupting online banking services.
In light of this, the researchers at Akamai emphasised several recommendations to minimise the risk from DDoS attacks, among them: ensuring that critical subnets and IP spaces have mitigation controls in place; implementing continuous DDoS security controls as an initial defence layer; and expanding security measures by establishing proactive network cloud firewalls outside your existing ones.