• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Submissions
  • About Us
  • Contact Us
  • Jan 30, 2023
  • Startup
    • Creating a Plan
    • Funding a Startup
    • Franchise Center
    • Getting Your Office Ready
    • Making Your Business Official
    • Marketing Your New Business
    • Personal Readiness
  • Run & Grow
    • Customer Service
    • Human Resources
    • Innovation
    • Legal
    • Operations
    • Risk Management
  • Leadership
    • Best Practices
    • Communication
    • Green Initiatives
    • Open Culture
    • Strategic Planning
    • People Skills
  • Sales & Marketing
    • Advertising and Lead Generation
    • Marketing Innovations
    • Marketing Plans
    • Online Marketing
    • Relationships
    • Sales Activities
  • Finance
    • Budgeting and Personal Finance
    • Payments and Collections
    • Tax and Accounting
    • Pricing Strategy
    • Working with Investors
    • Working with Lenders
  • Tech
    • eCommerce
    • Hardware
    • Software
    • Security
    • Tech Reviews
    • Telecom
  • Shop

SmallBizClub

Helping You Succeed

taxbandits banner
Home / Technology / Security / DDoS and Financial Institutions: The High Costs and Why Mitigation is Critical
DDoS and Financial Institutions: The High Costs and Why Mitigation is Critical

DDoS and Financial Institutions: The High Costs and Why Mitigation is Critical

2739 Views

Oct 17, 2018 By Debbie Fletcher

For banks and other financial institutions, cyberattacks are coming fast and furious. Distributed Denial of Service (DDoS) attacks can now be launched for petty cash, without any technical skills whatsoever. What are the costs of launching attacks, and what does a bank do to defend itself against the onslaught of the infamous DDoS attack?

Easy as pie

DDoS has been a banking security concern for a long time, but it has been a different kind of security concern compared to today’s DDoS worries. In the past, a DDoS attack required a determined actor that had the technical knowledge or substantial resources to spend on a technical team. This meant that DDoS attacks were less frequent and generally aimed at achieving a very specific objective. But today DDoS attacks are so easy even a scruffy teenager can do it.

The entire DDoS scene has changed with cheap, for-hire DDoS services making it easy to launch a DDoS attack. As easy as ordering website hosting, or just about any online service. Effectively, anyone with any kind of motive can launch an attack.

For example, in August 2018 the Bank of Spain suffered from a DDoS attack that choked its website to death. The Bank of Spain, as a central bank, does not even provide services to the public. The motive for the attack is unknown, but it just goes to show that the DDoS playground is now wide open and that attacks can be launched at the slightest whim.

DDoS costs are severe and can badly damage banks

Financial institutions need to be cognizant of the costs of a DDoS attack. DDoS costs are multi-tiered and can bring any business to its knees. When considering the costs of a DDoS attack financial institutions should take into account:

Mitigation costs. Stopping an ongoing attack is costly in itself. Doing so involves the ongoing efforts of internal staff members plus the involvement of external security experts. Service providers will also charge for any damage done to networks. Stopping an attack is expensive.

Lost business due to disruption. An ongoing attack prevents customers from going about their daily business. This can lead to a loss in revenue for a bank as transactions simply cannot take place. DDoS attacks can be difficult to mitigate and can take services out of action for days at a time. The associated losses can be immense.

Criminal acts disguised by DDoS. Often DDoS is not the end goal. Many DDoS attacks are launched to serve as a disguise for another attack. Banks may be attacked through DDoS vectors only for the real crime to be committed while staff are distracted. Factor in the cost of millions of stolen records—or indeed millions in stolen cash.

Reputational damage. Easily outweighing all of the aforementioned costs put together is the reputational damage a DDoS attack can cause. Financial institutions can only operate if the trust of customers is maintained. Lose this trust and customers will walk. Banks should be aware that mere reports of a DDoS attack, even if it causes no damage, can lead to massive reputational damage—and the associated costs.

With the costs of DDoS attacks so evident, and with DDoS attacks so easy to launch, the conclusion is clear: financial institutions need to accept DDoS as a day-to-day reality that cannot be ignored. That said, DDoS attacks can be mitigated.

DDoS mitigation is both essential and feasible

While accepting DDoS as a present-day reality, financial institutions need not and should not sit with their hands folded. Though being a target of a DDoS attack is more or less inevitable, suffering from serious consequences is not. In protecting against the worst effects of a DDoS attack, financial institutions can do the following:

Stay alert. Early warnings and indicators can help banks shore up their defenses against a DDoS attack. Waiting until customers report service downtime is simply not good enough. Instead, your financial institution’s IT staff should be the first to know, before customers even notice.

Use DDoS protection. Cloud-based DDoS protection with enormously high absorptive capacity is available from select vendors. A good DDoS vendor will add powerful AI-based protection into the mix while also reporting on attack attempts and risks. These vendors can stop a DDoS attack before it has a chance to cause any real damage.

Communicate with customers. Many DDoS attacks cause no lasting damage whatsoever—nothing is stolen, and the inconvenience for customers is minimal. Only reputational damage remains, communicating with customers can significantly reduce the reputational damage. Re-assure customers that though an attack was launched that attacks are commonplace, and that customer data is safe.

Involve law enforcement. DDoS is a scourge that plagues every business. Only by involving law enforcement can the source of attacks be stopped. The recent take-down of a large DDoS-for-hire operation is one example. However, if DDoS attacks are not reported law enforcement cannot act.

It all comes down to a well thought out DDoS defense strategy that involves alertness, mitigation, and communication. DDoS defense also requires the involvement of highly qualified anti-DDoS vendors as internal security teams could not possibly cope with today’s large-scale attacks. Indeed, a multi-pronged DDoS defense strategy involving both internal teams and external vendors are the best approach for financial institutions that want to stay clear of the DDoS minefield.

Filed Under: Security Tagged With: Network Security, Risk Management

Debbie Fletcher

Debbie Fletcher

Debbie Fletcher is an enthusiastic, experienced writer who has written for a range of different magazines and news publications over the years. Graduating from City University London specializing in English Literature, Debbie's passion for writing has since grown. She loves anything and everything technology, and exploring different cultures across the world. She's currently looking towards starting her Masters in Comparative Literature in the next few years.

Related Posts

  • What Is Enterprise Risk Management?
  • Managing Third-Party Risk is Easier Than You Think
  • embracing-cloud-security--infographic-5 Ways To Create Better Cloud Security

Primary Sidebar

Random

How to Decorate Your Email Signature in Gmail

Jan 27, 2023 By SmallBizClub

6 Ways To Optimize Work Schedules of Your Team Members

Jan 27, 2023 By SmallBizClub

Is Local SEO Worthwhile for Small Businesses?

Jan 26, 2023 By Annie Button

b2b-marketing-must-become-more-humanly-relevant

Building A Winning B2B Sales Enablement Strategy In 2023

Jan 25, 2023 By Michael Dunlop

employers-face-stiff-affordable-health-care-act-excise-taxes

5 Simple Tips Employers and Insurance Providers Need for 2023 ACA Reporting

Jan 25, 2023 By Stephanie Glanville

Footer

About Us

Small Biz Club is the premier destination for small business owners and entrepreneurs. To succeed in business, you have to constantly learn about new things, evaluate what you’re doing, and look for ways to improve—that’s what we’re here to help you do.

  • Facebook
  • LinkedIn
  • RSS
  • Twitter

Copyright © 2023 by Tarkenton Institute, Inc. All Rights Reserved | Terms | Privacy