A wave of Distributed Denial of Service (DDoS) attacks have been used as cover for the plunder of millions of dollars in fraudulent wire transfers at three US banks in recent months, according to a Gartner analyst.
Gartner's Avivah Litan says DDoS attacks are an increasingly popular method for criminals to divert bank security staff attention while defrauding bank systems.
In a blog post, Litan explains the modus operandi deployed by the crooks: "Once the DDoS is underway, this attack involves takeover of the payment switch (e.g. wire application) itself via a privileged user account that has access to it. Now, instead of having to get into one customer account at a time, the criminals can simply control the master payment switch and move as much money from as many accounts as they can get away with until their actions are noticed."
In April, Dell SecureWorks Counter Threat Unit (CTU) highlighted the utilisation of a $200 malware kit called Dirt Jumper that launches low-level DDoS attacks to divert attention of bank security teams during wire transfer heists. The report said the sums switched ranged from $180,000 to $2.1 million.
Gartner's Litan says "considerable financial damage" has resulted from these stealth attacks, with at least three US banks losing millions of dollars to the fraud in recent months.
"One rule that banks should institute is to slow down the money transfer system while under a DDoS attack," Litan advises. "More generally, a layered fraud prevention and security approach is warranted."