Lloyds Bank outage: DDoS is prime suspect A DDoS attack was reportedly behind online outages at Lloyds Bank a fortnight ago. As previously reported by El Reg, the banking group suffered several interruptions to its online service on 11-12 January that it initially blamed on "unspecified technical glitches". Customers were unable to check their account balances or make …
I'm not sure which version is worse: That they don't know whether it's a DDoS or not, or that they don't want to be open about the cause.
The former means that they are absolutely clueless (how hard can it be to tell that you're being flooded with bogus traffic), the latter means that they're dishonest and that the real cause was even more embarassing than simply refusing to answer the questions.
Either one would make me worried if that was my bank.
Maybe they are taking the position that they want to know if anything untoward has taken place before saying anything.
Last thing they want is to say "it was only a ddos attack, no problems here" and then have to retract that because a real hack took place.
There could be other similar reasons too.
Because it doesn't really make much sense to do it that way, tbh.
The secret to a successful hack is to get in undetected and then spend months or years extracting information. A DDoS doesn't help with either of these things, while also flooding so much traffic into the target system that you kill your own extraction mechanism and drawing lots of attention from infosec professionals - exactly the stuff which you want to avoid, really.
Generally, if you've hacked a system, you've done it silently months ago and either want to just take the stolen data quietly (to prevent useful stolen card info being quickly cancelled by the target), or you can implement something much more effective than a DDoS for ransom purposes ('hey, we encrypted everything on your netapps and now we want you to give us X money for the key').
DDoSes are what you do if you're not very capable, which is why script kiddies like them so much but serious 'most wanted' hackers ignore them. They rely on using off-the-shelf bot software to compromise unsecure computers for generating traffic because botmasters generally aren't capable of breaching even basic security directly, and so need to rely on threatening to force the target offline rather than extracting information.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
