This is a security alert for all TruShield clients, the financial services industry, and the community at large. We have learned of a wave of recent threats targeting the financial services industry. The attacks are Distributed Denial-of-Service (DDoS) attacks against banks and financial institutions.
About The Attacks
The series of attacks are part of OpIcarus, a campaign created by Anonymous that is opposed to banks and financial institutions around the world. They believe that banks are controlling the world’s economy, promoting and hiding corruption at the governmental and private level, so they started a 30-day campaign on May 1st against central banks around the world. Eight financial institutions were successfully targeted and suffered from DDoS attacks since the campaign went live. The financial institutions that fell victims to this campaign were the Central Bank of Greece, the Central Bank of Cyprus, Central Bank of the Dominican Republic, the Guernsey Financial Services Commission, the Dutch Central Bank, the Central Bank of Maldives, the Central Bank of Kenya, Central Bank of Mexico, and the National Bank of Panama.
According to a post from SoftPedia, various anonymous divisions such as Ghost Squad Hackers have taken part in these attacks. On the campaign’s official twitter account, it is confirmed that Anonymous and GhostSquadHackers are part of a joint-effort operation. The GhostSquadHackers participated in DDoSing the Central of Bosnia and Herzegovina.
Information About the Campaign
Official Twitter account of the campaign
- They tweeted today, May 9, 2016 at 8:52 AM that the account will be shut down due to @GhostSquadHack compromising the integrity of Anonymous.
- Twitter accounts of other hacktivist groups participating in this campaign:
- Hashtags reporting on recent activity of the campaign:
- List of Banks that are being targeted:
- Bank of Algeria
- Central Bank of Argentina
- Reserve Bank of Australia
- Central Bank of the Republic of Austria
- National Bank of Belgium
- Central Bank of Bosnia and Herzegovina
- Central Bank of Brazil
- Bulgarian National Bank
- Bank of Canada
- Central Bank of Chile
- People’s Bank of China
- Bank of the Republic (Colombia)
- Croatian National Bank
- Czech National Bank
- Danmarks Nationalbank (Denmark)
- Bank of Estonia
- European Central Bank
- Bank of Finland
- Bank of France
- Deutsche Bundesbank (Germany)
- Bank of Greece
- Hong Kong Monetary Authority
- Magyar Nemzeti Bank (Hungary)
- Reserve Bank of India
- Bank Indonesia
- Bank of Israel
- Bank of Italy
- Bank of Japan
- Bank of Korea
- Bank of Latvia
- Bank of Lithuania
- Central Bank of Luxembourg
- National Bank of the Republic of Macedonia
- Central Bank of Malaysia
- Bank of Mexico
- Netherlands Bank
- Reserve Bank of New Zealand
- Central Bank of Norway
- Central Reserve Bank of Peru
- Bangko Sentral ng Pilipinas (Philippines)
- National Bank of Poland
- Bank of Portugal
- National Bank of Romania
- Central Bank of the Russian Federation
- Saudi Arabian Monetary Agency
- National Bank of Serbia
- Monetary Authority of Singapore
- National Bank of Slovakia
- Bank of Slovenia
- South African Reserve Bank
- Bank of Spain
- Sveriges Riksbank (Sweden)
- Swiss National Bank
- Bank of Thailand
- Central Bank of the Republic of Turkey
- Central Bank of the United Arab Emirates
- Bank of England
- Board of Governors of the Federal Reserve System (United States)
For more information on the other targets that were listed please click here.
Some ways to stop a DDoS attack
Prevent spoofed TCP attacks before they enter your network.
- Don’t let dark address packets past your perimeter.
- Block unused protocols and ports.
- Limit the number of access per second per source IP.
- Limit numbers of concurrent connections per source IP.
- Filter foreign TCP packets.
- Do not forward packets with header anomalies.
- Monitor self-similarity in traffic.
- Keep unwanted guests away.
- Use specialized DDoS mitigation equipment.
This campaign is ongoing and affects financial institutions. So far they have had success attacking the banks on their targeted list. The group plans to attack Nasdaq and London Stock Exchange.