HSBC confirms DoS attack but denies customer data was affected

HSBC confirms DoS attack but denies customer data was affected
HSBC confirms DoS attack but denies customer data was affected

HSBC has admitted that it suffered a denial of service (DoS) attack on its servers yesterday which caused service issues for users.

While it said that the attack did not affect any customer data, a statement said that it did prevent customers using HSBC online services, including internet banking, for some time.

It said: “We are taking appropriate action, working hard to restore service. We are pleased to say that some sites are now back up and running. We are cooperating with the relevant authorities and will cooperate with other organisations that have been similarly affected by such criminal acts. We apologise for any inconvenience caused to our customers throughout the world.”

Paul Lawrence, vice president of international operations at Corero Network Security, said that this attack and others against banks in the US, show the false sense of security from financial organisations in thinking that traditional means of defence like firewalls will combat the threat.

“Unfortunately it's often only when they're the victim of attacks, like HSBC, that they realise that firewalls are unable to cope with such large volumetric attacks,” he said.

Owen Cole, vice president EMEA at ExtraHop Networks, said: “The latest attack on HSBC reinforces the need for organisations to take a proactive approach to application performance management. Proactively monitoring networks can help any potential attacks to be spotted early, minimising damage and preventing website downtime, which can have serious implications for an organisations credibility and reputation.

“With attacks like these becoming commonplace, proactive monitoring and early warning is something companies can't afford not to have.”

Darren Anstee, EMEA solutions architect team lead at Arbor Networks, said that as recent attacks use multi-vector tactics, utilising a combination of volumetric and application layer attack vectors, these include TCP, UDP and ICMP packet floods combining HTTP, HTTPS and DNS application layer attacks.

“Attackers are doing this because they know it makes the attacks more difficult to deal with, but not impossible if we have the right services and solutions in place,” he said.

“With the increase of DDoS attacks it is extremely important that organisations take best practice defensive steps to ensure they are adequately protected if, or more likely when, they become the target of a DDoS attack. Organisations should minimise their threat surface as much as possible using their network infrastructure to control the traffic reaching their service infrastructure, and they should ensure that they have well documented, and tested, incident handling processes.”

A group calling themselves ‘Fawkes Security' who describe themselves as ‘ethical hackers and social engineers', said in a Pastebin statement that it was responsible. In a YouTube video, it said it was holding back on revealing the reasons for the attack ‘as we would like to take this time to warn greedy banks'.

According to TechWeekEurope, HSBC was hit on five fronts, including the UK, French, Canadian and US customer-facing sites. FawkesSecurity said that the sites were downed for at least 20 minutes and that the attacks started around 10pm last night.

Sign up to our newsletters