Lloyd bank in the UK was hit with a 2-day Distributed Denial of Service (DDoS) attack just recently in January. This attack left customers unable to access their online banking and prohibited them from making payments. According to the article, Lloyd Bank was among a pool of banks in the UK that were targeted. Fortunately, the banking information of Lloyd Bank’s clients remained safe as a DDoS attack only brings down a network’s ability to function properly, but it doesn’t usually steal / compromise user data.
The second supplementary article quotes the CEO of ZoneFox, Jamie Graves, who claims that such institutions would benefit greatly form using User Behavior Analytics (UBA) to distinguish botnet clients from …show more content…
Such attacks could create concern for their overall network security which directly translates to how comfortable people will be in trusting Lloyd bank to manage their money and savings.
Questions:
- Can DDoS attacks be launched in a way that the service is “attacked” by mimicking actual usage and the only difference between regular usage and the attack would be an abnormally high number of clients (“botnets”)? Would this trick UBA?
- Couldn’t banks use a system where a log of previously used IP addresses is linked to accounts which would then limit the users allowed to use the site to clients who have previously used the service (before the start time of the attack)?
- Is there any way to detect DDoS attacks in real time and respond to them immediately to block botnet clients without banning legitimate users from access the website? As in, is there any type of active protection against DDoS attacks?
- Do hackers use DDoS attacks to force institutions to pay? Much like ransomware would? Or do DDoS attacks only aim to shut down services without any direct monetary