Banks faced the at least one distributed denial-of-service (DDoS) attack in the last 12 months.
According to research by Corero Network Security and the Ponemon Institute of 351 banks, 64 per cent were hit by DDoS attacks in the past twelve months, while 78 per cent believed that this type of attacks will continue or significantly increase in 2013.
Also, almost half of the respondents (48 per cent) said their banks had suffered multiple DDoS attacks in the past 12 months. Overall, zero-day attacks, phishing and DDoS attacks were deemed to be the greatest challenge to banks.
Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, said: “It really comes as no surprise that DDoS attacks are one of the most severe security risks cited by the banking industry and these results clearly demonstrate the level to which they are being targeted on a continued basis.
“When such an attack occurs, the time and efforts of IT staff are devoted to dealing with the problem instead of managing other IT operational and security priorities. This leaves financial institutions open to more dangerous attacks that further compromise their infrastructure.”
Traditional firewalls and on-premise anti-DDoS technologies were deemed to be the most popular technologies to prevent and detect these attacks. These are followed by intrusion detection and prevention and anti-virus technologies. However, only 30 per cent of respondents were planning to purchase an anti-DDoS technology in the next six to 12 months.
Marty Meyer, president of Corero, said: “The belief that traditional perimeter security technologies such as firewalls are able to protect against today's DDoS attacks is lulling not only financial institutions but organisations across every sector into a false sense of security.
“Many organisations assume traditional firewalls can provide protection against DDoS and zero-day exploits at the perimeter, yet this is not what they were designed to do and therefore attacks are still getting through. Organisations need to add first line of defense solutions that can provide this protection and are able to remove all of the ‘noise' at the perimeter before it hits the network so that firewalls and servers can optimally work on the functions they were originally designed for.”