Banks tread on thin ice amidst prevalent Denial of Service attacks
China’s Internet came to a grinding halt over the weekend as it was hit by the largest DoS attack ever; Bank of China’s online operations among one of many that experienced disruptions. August 27, 2013 | Magessan RajA massive Denial-of-Service (DoS) strike brought down much of China’s Internet on Sunday, in what has been described as the biggest DoS attack ever faced by the Chinese government. The attack disrupted and slowed access to millions of websites, including those belonging to major institutions such as Bank of China, Sina’s social networking site Weibo, and Amazon.cn. The incident allegedly began at 2am Sunday morning, and was followed by a more intense attack at 4am, according to the China Internet Network Information Center (CNNIC), a state-run agency tasked with managing the .cn country domain. Aimed at the registry that allows users to access sites with the extension “.cn”, the assault lasted for four hours, according to security services provider CloudFare. Though the strike brought the registry to its knees, most .cn sites managed to weather the storm, relying on registry records stored by service providers. While the attack appears to have stopped by Monday, with Chinese Internet users able to access .cn websites, CloudFlare CEO Matthew Prince said that the company observed a 32% drop in traffic for the thousands of Chinese domains on the company’s network during the attack compared with a similar time 24 hours earlier. While official details remain scarce - the objectives and motives behind the attack are unlikely to be revealed - the assault on China’s internet coincided with the state’s crackdown on social media commentators and the wrapping up of former Communist Party member Bo Xilai’s trial. Despite the scale of the attack and its apparent success, Prince opined that it could have been carried out by a single person. “I don’t know how big the ‘pipes’ of .cn are, but it is not necessarily correct to infer that the attacker in this case had a significant amount of technical sophistication or resources. It may have well have been a single individual,” Prince said. CNNIC has since issued an apology to users aff... Please login to read the complete article. If you already have an account, you can login now or subscribe/register.
Categories: China, Operational Risk & Security, Technology & OperationsChina,OperationalRiskSecurity,technology, China,Operational Risk & Security,Technology & Operations, Keywords:DoS, DDoS, CNNIC, CloudFlare, Matthew Prince, BoC, Dirt Jumper, DTCC DoS, DDoS, CNNIC, CloudFlare, Matthew Prince, BoC, Dirt Jumper, DTCC
|