More Details Of Crippling Attack On UK Bank Emerge

Uploaded on 2017-04-07 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

Lloyds Bank was the target of a cyber attack which stopped a substantial number of customers using their online accounts.

The breakdown in service from the group, including Halifax and Bank of Scotland, came after the websites were overwhelmed with millions of requests in a denial of service attack.

It is particularly worrying for banks that the disruption lasted three days. Lloyds revealed little at the time, despite a flood of Twitter complaints. But it has emerged that the National Cyber Security Centre is working with the bank on the attack.

The problems started on Wednesday morning, 11 January 2017, and continued in fits and starts until the following Friday, with some customers still unable to log into their accounts over the weekend.

Despite speculation that a number of banks may have been targeted, it appears that the internet gang concentrated its fire on Lloyds.

In the past, denial of service attacks have been perpetrated by customers with a grudge or by blackmailers, but there is no indication from Lloyds that a ransom demand was received.

At the time, the bank was adamant that the "vast majority" of users were able to gain access to their accounts and move money around as normal.

Cash untouched

It's likely that systems engineers blocked all internet traffic from overseas locations where the attacks seemed to be coming from, halting the disruption at least temporarily before the attackers switched their activity elsewhere.

In contrast to the hacking of Tesco Bank in November, in which £2.5m was taken, there is no indication that criminals got their hands on cash in Lloyds bank accounts.

However, the new National Cyber Security Centre, part of GCHQ and the UK's authority on cyber-security, is understood to be working with Lloyds on security after the attack.

It said: "The NCSC and Financial Authorities work with firms to provide guidance and support if needed... including offering help on managing incidents."

Lloyds Banking Group issued the following statement: "We experienced intermittent service issues with Internet banking between Wednesday morning and Friday afternoon the week before last and are sorry for any inconvenience caused.

"We had a normal service in place for the vast majority of this period and only a small number of customers experienced problems.

"In most cases, if customers attempted another log in, they were able to access their accounts. We will not speculate on the cause of these intermittent issues."

BBC

Britain Bombarded With High Level Cyber Attacks:

Only 20% Of UK Banks Can Properly Detect Breaches

Hackers Target All The Major UK Banks:

 

« Britain Bombarded With High Level Cyber Attacks
London Conference: Protecting Critical Infrastructure »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Picasso

Picasso

The Picasso project is focused on ICT Policy, Research and Innovation for a Smart Society: towards new avenues in EU-US ICT collaboration.

Ahope

Ahope

Ahope is a mobile security solution provider in Korea with a long history of security solution development.

Waratek

Waratek

Waratek is a pioneer in the next generation of application security solutions known as Runtime Application Self-Protection or RASP.

Enosys Solutions

Enosys Solutions

Enosys Solutions is an IT security specialist with a skilled professional services team and 24x7 security operations centre servicing corporate and public sector organisations across Australia.

Avira

Avira

Avira provide a portfolio of antivirus, security and performance applications for Windows, Android, Mac, and iOS.

Cyxtera Technologies

Cyxtera Technologies

Cyxtera offers powerful, secure IT infrastructure capabilities paired with agile, dynamic software-defined security.

Capy

Capy

Capy's SaaS-based security solutions will protect your website from bots, spam, humans and more.

Stage2Data

Stage2Data

Stage2Data is one of Canada’s most trusted cloud solution providers offering hosted Backup and Disaster Recovery Services.

eResilience

eResilience

eResilience is a division of Referentia Systems, a pioneer in an ultra-secure information safeguarding technique known as “Enclaving”, in which data can be segmented and protected within a network.

Envelop Risk

Envelop Risk

Envelop Risk is a global specialty cyber insurance firm, combining decades of insurance industry expertise with sophisticated cyber and artificial intelligence-based analytics.

Russell Reynolds Associates

Russell Reynolds Associates

Russell Reynolds Associates is a global leadership advisory and search firm with functional expertise in Digital Leadership, Data & Analytics, and Compliance.

Inflexor Ventures

Inflexor Ventures

Inflexor Ventures is a technology focused venture capital firm that invests in early stage companies from seed to Series-A+ stages.

Larsen & Toubro Infotech (LTI)

Larsen & Toubro Infotech (LTI)

LTI is a global technology consulting and digital solutions company with operations in 33 countries.

WinMagic

WinMagic

At WinMagic, we’re dedicated to making authentication and encryption solutions that protect data without causing user friction so that everyone can work freely and securely.

ABM Technology Group

ABM Technology Group

ABM Technology Group (formerly True IT) provide business information technology services, solutions, and consulting for small to mid-sized organizations.

Unified Infotech

Unified Infotech

Unified Infotech is a trusted partner for IT and software solutions dedicated to empowering businesses.