We have just completed the third wave of distributed-denial-of-service attacks against U.S. banks. And while there is no evidence these attacks will end soon, there are signs that the attackers' botnet is getting stronger, and they are targeting organizations outside the U.S. and banking. How can organizations everywhere prepare to defend against this growing menace?
What all organizations can do to assess and mitigate their DDoS risks.
DDoS was thought to be a threat from the past until it was reactivated and re-energized by the hacktivist group known as the Izz ad-Din al-Qassam Cyber Fighters.
Since the fall of 2012, the attackers have used DDoS to disrupt the online functions of nearly 50 U.S. financial institutions, causing website outages that alarmed customers and caused two federal regulatory agencies to issue fraud alerts to member institutions.
Following the two initial waves of attacks, in the fall and winter of 2012, the hacktivists took time off to regroup. Each time they came back stronger.
But the third wave, which commenced in March 2013, shows no sign of abating. Not only have the attacks morphed, targeting different vulnerabilities, but the attackers' botnet has strengthened. In April, the FBI warned that attack scripts have been modified in an attempt to increase the effectiveness with which the scripts evade detection. The actors are changing their attack methodology, the FBI says, to circumvent mitigation efforts of the financial institutions.
Concurrently, electrical utilities, gaming sites and European banking institutions all have experienced different forms of DDoS.
How can organizations from across industry defend themselves against attacks that some of the world's largest banks cannot prevent?
That is the key question that will be answered in this panel discussion from three unique perspectives:
The Bank - Michael Wyffels, SVP and CTO of QCR Holdings Inc., a multibank holding company, will discuss how his institutions assess and respond to DDoS risks, as well as what DDoS means to the banks and their customers.
The Journalist - Tracy Kitten, Executive Editor of BankInfoSecurity and CUInfoSecurity, will share insight she's gleaned from covering the DDoS story exhaustively since it first broke.
The Expert - Rodney Joffe, SVP & Senior Technologist, Neustar, is one of the foremost industry experts on DDoS and can explain exactly what the latest attack trends show us, and how you can make your organization a less desirable DDoS target.
Premium Members Only
OnDemand access to this webinar is restricted to Premium Members.
Joffe's responsibilities include defining and guiding the technical direction of the company's Neusentry security offering as well as heading the company's cybersecurity initiatives. Joffe joined Neustar in 2006 after the acquisition of UltraDNS Corporation, a directory services company he founded in 1999. Prior to founding UltraDNS, Joffe was the founder and CTO of Genuity, one of the largest Internet service and hosting providers in the world.
Senior Vice President and Chief Technology Officer, QCR Holdings Inc.
At this multibank holding company based in Moline, Ill., Wyffels focuses on compliance, fraud prevention and technology. He has worked in information technology for more than 20 years. His career has focused on the financial services markets and credit card processing and operations. Before joining QCR, he directed MIS and distributed systems for Alliance Data Systems in Dallas. Prior to Alliance Data Systems, Wyffels worked in several enterprise and line-of-business roles within IT for First Data Corp.