Saved me a fortune as the wife could not get into our account for two days
Lloyds Bank outage: DDoS is prime suspect
A DDoS attack was reportedly behind online outages at Lloyds Bank a fortnight ago. As previously reported by El Reg, the banking group suffered several interruptions to its online service on 11-12 January that it initially blamed on "unspecified technical glitches". Customers were unable to check their account balances or make …
COMMENTS
-
-
Monday 23rd January 2017 15:29 GMT Frank Bitterlich
To DDoS or not to DDoS?
I'm not sure which version is worse: That they don't know whether it's a DDoS or not, or that they don't want to be open about the cause.
The former means that they are absolutely clueless (how hard can it be to tell that you're being flooded with bogus traffic), the latter means that they're dishonest and that the real cause was even more embarassing than simply refusing to answer the questions.
Either one would make me worried if that was my bank.
-
Monday 23rd January 2017 16:54 GMT Baldrickk
Re: To DDoS or not to DDoS?
Maybe they are taking the position that they want to know if anything untoward has taken place before saying anything.
Last thing they want is to say "it was only a ddos attack, no problems here" and then have to retract that because a real hack took place.
There could be other similar reasons too.
-
-
-
Monday 23rd January 2017 17:12 GMT Naselus
Re: DDOS as a cover for intrusion?
Because it doesn't really make much sense to do it that way, tbh.
The secret to a successful hack is to get in undetected and then spend months or years extracting information. A DDoS doesn't help with either of these things, while also flooding so much traffic into the target system that you kill your own extraction mechanism and drawing lots of attention from infosec professionals - exactly the stuff which you want to avoid, really.
Generally, if you've hacked a system, you've done it silently months ago and either want to just take the stolen data quietly (to prevent useful stolen card info being quickly cancelled by the target), or you can implement something much more effective than a DDoS for ransom purposes ('hey, we encrypted everything on your netapps and now we want you to give us X money for the key').
DDoSes are what you do if you're not very capable, which is why script kiddies like them so much but serious 'most wanted' hackers ignore them. They rely on using off-the-shelf bot software to compromise unsecure computers for generating traffic because botmasters generally aren't capable of breaching even basic security directly, and so need to rely on threatening to force the target offline rather than extracting information.
-