Sign in / up

back to article HSBC online banking outage: Moneymen are 'still under attack'

HSBC has admitted it still facing a sustained denial of service attack, after the incident which began this morning left customers unable to use their online banking services. John Hackett, the bank's UK chief operating officer, said: “HSBC’s internet and mobile services have partially recovered, and we continue to work to …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Anonymous Coward
    Anonymous Coward

    Don't the banks play war games to simulate this sort of thing? Glad all the effort was worth while.

    http://www.bankofengland.co.uk/financialstability/fsc/pages/cbest.aspx

    3 0 Reply
    1. Banksy
      Reply Icon

      I don't think they actually 'do' anything in these tests. It's more they run through their procedures, check they know who to notify, etc. I don't believe they actually perform a DDoS attack, for example.

      1 0 Reply
  2. Anonymous Coward
    Anonymous Coward

    Given that this is the second time this has happened this month alone, perhaps the CTO should admit that he has failed, step down and seek gainful employment elsewhere. Ultimately, the buck stops with him and he's been found wanting. Twice, yet.

    Of course, this won't happen and I have no doubt he'll trouser a nice bonus for successfully 'defending' against an alleged DDoS attack whilst at the same time overseeing the outsourcing of any remaining competent IT staff.

    Weasels, the lof of them.

    Trebles all round!

    5 1 Reply
    1. alain williams Silver badge
      Reply Icon

      How can you defend against a DDOS ?

      If all the traffic comes from somewhere that you can put into a firewall you might have a chance with some kind of attacks, but not all.

      1 1 Reply
      1. Sir Runcible Spoon
        Reply Icon

        Re: How can you defend against a DDOS ?

        End users aren't really in a position to defend against a proper DDoS. That can only really be done at the ISP level and isn't particularly easy to do without drastic measures (like blocking all source addresses from outside the UK heading to the UK HSBC website for example).

        0 0 Reply
  3. Banksy

    Why HSBC?

    Has anyone claimed responsibility for these attacks and said why they're targeting HSBC specifically?

    0 0 Reply
    1. Mark 85
      Reply Icon

      Re: Why HSBC?

      I'm guessing, and it really is just a wild-assed guess, that this is related to the attacks recently on Janet, ProtonMail, etc. Each attack has been a bit stronger and the target more meaningful to the general population than the previous. The thing in common with them and makes me think this has been the location of the targets.

      1 0 Reply
    2. allthecoolshortnamesweretaken
      Reply Icon

      Re: Why HSBC?

      Test run / dress rehearsal?

      0 0 Reply
  4. Doctor Syntax Silver badge

    Between DDoS and ransomware you'd think there was something useful that the world's SIGINT agencies could do by tracking down culprits & ensuring they're dealt ith. But no, just concentrate on grabbing more data than you can use.

    6 0 Reply
    1. TJ1
      Reply Icon
      Joke

      Re: Between DDos and ransomeware...

      Ahhh, but the DDoS traffic isn't encrypted, so the snoops aren't interested in the metadata

      1 0 Reply
  5. Anonymous Coward
    Joke

    Who will defend us from all these Apple Android Linux Flash DDoS attacks.

    'This is just like television, only you can see much further.'

    0 0 Reply
  6. Anonymous Coward
    Anonymous Coward

    Shouldn't that number be...

    *takes off shades to reveal shades*

    03457 500 500?

    YEEEEEEEAAAAAAAAAHHHHH

    3 0 Reply
  7. Tempest
    Unhappy

    Remember, every voice call is more grist for their voice analysis computer

    All calls to HSBC are 'recorded', the term HSBC adopts for voice analysis.

    A background paper said: "The smart phone would capture the customer’s spoken words and transmits it to the bank for authorisation. The sent words would then be compared with his voice in the database, if it matches, he would be authorised. If not, he would be denied access and asked to try again."

    To circumvent this blatant invasion of privacy you can (1) Have a 'talk' playing loudly where you make your call; (2) Use cotton wool padding in your cheeks; (3) Remove your false teeth; (4) Alter your voice electronically. All are intended to change audio spectrum of your voice.

    They will not/cannot disable the feature on request. The voice database is accessible to police, et al.

    0 3 Reply
  8. ecofeco Silver badge

    No surprise, here's why.

    HSBC pays out £28m over money-laundering claims - 2015

    http://www.theguardian.com/business/2015/jun/04/hsbc-fined-278m-over-money-laundering-claims

    HSBC Judge Approves $1.9B Drug-Money Laundering Accord - 2013

    http://www.bloomberg.com/news/articles/2013-07-02/hsbc-judge-approves-1-9b-drug-money-laundering-accord

    HSBC became bank to drug cartels, pays big for lapses - 2012

    http://www.reuters.com/article/us-hsbc-probe-idUSBRE8BA05M20121212

    The list goes on. They are the dirtiest of the dirty. Serves them right. I'll lose no sleep over it.

    0 0 Reply
  9. Ru'

    "attempted denial of service attacks"

    Surely it's not just an attempt, it's a success?

    1 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like