Attack Mitigation Case Studies
Slideshow of case studies on attack mitigation for the financial services industry. (Download from the research page linked to above)
Akamai is actively tracking industry reports regarding DDoS activity utilizing NTP amplification attacks. US-CERT has recently released advisories on NTP amplifications attacks and other UDP protocols.
Web Application Vulnerability Scanner: Skipfish
We have seen this scanner being used to attack financial sites -- looking for Remote File Includes (RFI) with the specific string www.google.com/humans.txt in the requested URL.
Akamai has observed attempted account takeover behavior for a customer resulting from reuse of credentials obtained from other sites. Attackers are using automated tools ("account checkers") to quickly determine valid userid/password combinations across a large number of ecommerce sites. Attackers using these tools can identify valid accounts rapidly, gain access and acquire names, addresses and credit card data from user profiles, as well as fraudulently acquire merchandise.
Recent Financial Services DDoS: Attacks: Ababil Phase II
From Dec. 10, 2012 through the week of Jan. 11, 2013, several financial institutions have been targeted by large DDoS attacks. This is the second phase of the Operation Ababil campaign waged by the hacktivist group known as Izz ad-Din al-Qassam Cyber Fighters (QCF for short). Akamai has been actively defending customers against this attack campaign. The BroBot botnet is being leveraged by QCF to launch these attacks.
