HSBC said today it was working with local police to find those who disrupted its online banking services with a denial of service attack, as customers complained of not being able to access their accounts. The attack was made even more painful for customers as the last Friday of the month is a traditional payday in the UK, the home of HSBC.
Little information was provided by HSBC other than a terse statement over Twitter: “HSBC UK internet banking was attacked this morning. We successfully defended our systems.
“We are working hard to restore services, and normal service is now being resumed. We apologise for any inconvenience.” A spokesperson told the BBC a denial of service attack was the cause of the downtime.
A subsequent tweet revealed the police had been contacted: “HSBC is working closely with law enforcement authorities to pursue the criminals responsible for today’s attack on our Internet banking.”
HSBC was hit by a distributed denial of service (DDoS), where infected machines fire an overwhelming number of data packets at a server to stop it working, most recently in 2012. That time the Anonymous hacktivist crew was believed to have carried out the hit.
DDoS attacks in general have been causing havoc in recent months, as criminals have tried to extort targets, threatening to knock businesses offline unless a ransom was paid. Encrypted email provider ProtonMail was criticised for paying a ransom of $6,000 in Bitcoin at the end of 2015 to a DDoS extortionist crew called the Armada Collective. That group targeted other secure email providers Hushmail, Runbox and VFEMail.
Anti-DDoS provider Arbor Networks reported earlier this month that the record for DDoS power hit a new peak in 2015, hitting 500Gbps. Numerous organizations had reported attacks in the 400Gbps-500Gbps range throughout 2015, Arbor noted.
With so much power, and such easy money to be made with extortion attacks, no business appears immune from DDoS downtime. Professor Alan Woodward, a security expert from the University of Surrey, said an attack capable of taking down an entity like HSBC would need to be big.
“In addition we’re seeing the emergence of techniques that mean that these attacks are circumventing some of the systems put in place to mitigate agains these attacks,” Woodward said. He also warned DDoS has been used as a “smokescreen” for other malicious activity in the past. “They want to tie up the technical departments, of which there is obviously a finite number, so that they might miss some unusual activity that would give away the fact that the hackers are breaches the corporate boundary.”