Central banks of South Korea and Indonesia bulk up security following DDoS attacks by hacktivists
The central banks of Indonesia and South Korea are reportedly bulking up security on their public-facing websites after being hit with cyberattacks and distributed-denial-of-service (DDoS) disturbances linked to notorious hacking collective Anonymous.
In response to the attempted cyberattacks, Ronald Waas, deputy governor of Bank Indonesia (BI), told Reuters his institution was forced to block 149 regions that don't usually access its website, including "several small African countries".
Waas added that several banks in the region were now sharing the Internet Protocol (IP) addresses suspected to have been used by the hackers – whose true identity remains a mystery. "There is regional co-operation between central banks. Those who have gotten hit are sharing their experiences," he said.
The official stressed that no money was lost in the attack and instead the hackers used DDoS tools in an attempt to force the bank's website offline. These tools – readily for sale on the dark web – send waves of internet traffic towards a server to disrupt its normal operations.
While this form of attack is mostly used as a form of protest by so-called 'hacktivists', it can also be used as a distraction technique to hide malicious entry into a website with the intention of stealing sensitive information.
Additionally, the central bank of South Korea also noted "at least one" DDoS attack on its website in May but officials maintained that "no harm was done".
Benny Sadwiko, a cybersecurity expert employed by the bank, said: "In May, we've had so many disturbances. [The hackers] are trying to attack the reputation of the banks. So we're blocking IP addresses from countries that don't usually access us."
The timeline of the attacks coincides with the 30-day campaign launched by Anonymous, coined 'Operation Icarus' which, during the month of May hit nearly 70 banking institutions across the globe.
As previously reported, a video statement posted to YouTube on 4 May by the group said: "We will not let the banks win, we will be attacking the banks with one of the most massive attacks ever seen in the history of Anonymous."
Later, the central bank of Greece admitted its website was taken offline for a short period of time. This was followed by other banks in countries including France, England, Scotland and Sweden. In June, the hackers announced that 'phase three' of the operation has started – dubbed Project Mayhem – and that the focus of the campaign would change to include major stock exchanges.
In any case, the global banking system has been left shaken by a number of successful hacks, breaches and cyber-heists throughout 2016. In one attack, the Bangladesh central bank was targeted by a highly coordinated team of hackers that were able to steal a massive £81m via fraudulent money transfers.
© Copyright IBTimes 2024. All rights reserved.