Emerging Details Of Cyber Assault On A Major UK Bank

Uploaded on 2017-02-01 in BUSINESS-Services-Financial, FREE TO VIEW, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

Lloyds Bank was the target of a cyber-attack recently which stopped a substantial number of customers using their online accounts. The breakdown in service from the group, including Halifax and Bank of Scotland, came after the websites were overwhelmed with millions of requests in a denial of service (DDos) attack.

It is particularly worrying for banks that the disruption lasted for three days contiuously.

Lloyds revealed little at the time, despite a flood of Twitter complaints. But it has emerged that the National Cyber Security Centre is working with the bank on the attack.

The problems started on Wednesday, 11th January, and continued in fits and starts until the following Friday, with some customers still unable to log into their accounts over that weekend.

Despite speculation that a number of banks may have been targeted, it appears that the Internet gang concentrated its fire on Lloyds.

In the past, denial of services attacks has been perpetrated by customers with a grudge or by blackmailers, but there is no indication from Lloyds that a ransom demand was received. At the time, the bank was adamant that the "vast majority" of users were able to gain access to their accounts and move money around as normal.

Cash untouched

It's likely that systems engineers blocked all internet traffic from overseas locations where the attacks seemed to be coming from, halting the disruption at least temporarily before the attackers switched their activity elsewhere.

In contrast to the hacking of Tesco Bank in November, in which £2.5m was taken, there is no indication that criminals got their hands on cash in Lloyds bank accounts.

However, the new National Cyber Security Centre, part of GCHQ and the UK's authority on cyber-security, is understood to be working with Lloyds on security after the attack.

It told BBC News: "The NCSC and Financial Authorities work with firms to provide guidance and support if needed... including offering help on managing incidents."

Lloyds Banking Group issued the following statement: "We experienced intermittent service issues with Internet banking between Wednesday morning and Friday afternoon the week before last and are sorry for any inconvenience caused. We had a normal service in place for the vast majority of this period and only a small number of customers experienced problems.

"In most cases, if customers attempted another log in, they were able to access their accounts. We will not speculate on the cause of these intermittent issues."

BBC:   

Big Hack At Tesco Bank – Money Vanished:                 Hackers Target All The Major UK Banks:

 

« Ransomware- Practical Advice To Protect & Recover Using Free Tools
Artificial Intelligence Gives Business Wings »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

National Association of Software and Services Companies (NASSCOM)

National Association of Software and Services Companies (NASSCOM)

NASSCOM is a trade association of Indian Information Technology and Business Process Outsourcing industry. Areas of activity include cyber security.

Ericsson

Ericsson

Ericsson is a leading provider of telecommunications services and network infrastructure solutions including all aspects of network security.

NETAS

NETAS

Netas offers solutions in information and communication technologies including end-to-end value added solutions, system integration and technology services to providers and corporations.

Safetica

Safetica

Safetica Technologies is a Czech software company that delivers data protection solutions for businesses of all types and sizes.

Encore Media Group

Encore Media Group

Encore Media Group provide an international enterprise technology event series exploring IoT, Blockchain AI, Big Data, 5G, Cyber Security and Cloud.

Australian Cyber Collaboration Centre (Aus3C)

Australian Cyber Collaboration Centre (Aus3C)

The Australian Cyber Collaboration Centre (Aus3C) is committed to building cyber capacity and securing Australia's digital landscape.

Wiz

Wiz

Wiz - the first cloud visibility solution for enterprise security: A 360° view of security risks across clouds, containers and workloads.

Everbridge

Everbridge

Everbridge provides enterprise software applications that automate and accelerate organizations’ operational response to critical events in order to keep people safe and businesses running.

Sure Valley Ventures

Sure Valley Ventures

Sure Valley Ventures is an entrepreneur led venture capital fund focused on helping software entrepreneurs grow and scale businesses that will have a global impact.

Netox

Netox

Netox is a comprehensive IT service provider that combines IT support services, IT solutions and specialist services; specializing in cybersecurity solutions.

Protect AI

Protect AI

Protect AI is a cybersecurity company focused on AI & ML systems. Through innovative security products and thought leadership in MLSecOps, we help our customers build a safer AI powered world.

GeoComply

GeoComply

GeoComply provides fraud prevention and cybersecurity solutions that detect location fraud and help verify a user's true digital identity.

Epic Machines

Epic Machines

Epic Machines is a Value Added Reseller and Managed Security Services provider offering Security Transformation using Cloud-native solutions to commercial and government markets.

Allure Security

Allure Security

Allure Security AI-driven brand protection scans more of the online world for faster, more accurate detection & removal of spoof websites, social media & mobile apps -- before customers fall victim.

The Cyber Scheme

The Cyber Scheme

The Cyber Scheme provides NCSC certified and assured assessments, training and career support for security testers & technical cyber professionals.

Blackwell Security

Blackwell Security

Blackwell is a driving force in healthcare cybersecurity, transforming how security operations are conducted within this critical sector.