More Details Of Crippling Attack On UK Bank Emerge

Uploaded on 2017-04-07 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

Lloyds Bank was the target of a cyber attack which stopped a substantial number of customers using their online accounts.

The breakdown in service from the group, including Halifax and Bank of Scotland, came after the websites were overwhelmed with millions of requests in a denial of service attack.

It is particularly worrying for banks that the disruption lasted three days. Lloyds revealed little at the time, despite a flood of Twitter complaints. But it has emerged that the National Cyber Security Centre is working with the bank on the attack.

The problems started on Wednesday morning, 11 January 2017, and continued in fits and starts until the following Friday, with some customers still unable to log into their accounts over the weekend.

Despite speculation that a number of banks may have been targeted, it appears that the internet gang concentrated its fire on Lloyds.

In the past, denial of service attacks have been perpetrated by customers with a grudge or by blackmailers, but there is no indication from Lloyds that a ransom demand was received.

At the time, the bank was adamant that the "vast majority" of users were able to gain access to their accounts and move money around as normal.

Cash untouched

It's likely that systems engineers blocked all internet traffic from overseas locations where the attacks seemed to be coming from, halting the disruption at least temporarily before the attackers switched their activity elsewhere.

In contrast to the hacking of Tesco Bank in November, in which £2.5m was taken, there is no indication that criminals got their hands on cash in Lloyds bank accounts.

However, the new National Cyber Security Centre, part of GCHQ and the UK's authority on cyber-security, is understood to be working with Lloyds on security after the attack.

It said: "The NCSC and Financial Authorities work with firms to provide guidance and support if needed... including offering help on managing incidents."

Lloyds Banking Group issued the following statement: "We experienced intermittent service issues with Internet banking between Wednesday morning and Friday afternoon the week before last and are sorry for any inconvenience caused.

"We had a normal service in place for the vast majority of this period and only a small number of customers experienced problems.

"In most cases, if customers attempted another log in, they were able to access their accounts. We will not speculate on the cause of these intermittent issues."

BBC

Britain Bombarded With High Level Cyber Attacks:

Only 20% Of UK Banks Can Properly Detect Breaches

Hackers Target All The Major UK Banks:

 

« Britain Bombarded With High Level Cyber Attacks
London Conference: Protecting Critical Infrastructure »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

World Privacy Forum (WPF)

World Privacy Forum (WPF)

The World Privacy Forum is a non-profit public interest research group that focuses on privacy and technology issues.

Security Stronghold

Security Stronghold

Security Stronghold is focused on protecting computers from malicious programs like viruses, Trojans, spyware, adware, trackware, keyloggers and other kinds of online threats.

Asigra

Asigra

Asigra provides an industry leading cloud backup and recovery software platform called Asigra Cloud Backup.

APrivacy

APrivacy

APrivacy provides information and communication security products for the financial services industry.

AllClear ID

AllClear ID

AllClear ID provides products and services that help protect people and their personal information from threats related to identity theft.

First National Technology Solutions (FNTS)

First National Technology Solutions (FNTS)

First National Technology Solutions is a leading provider of flexible, customized hosted and remote managed services including IT security and compliance.

ICS2

ICS2

ICS² is the first cyber security company focusing on protecting the control system of power, oil, gas, and petrochemicals plants.

Tier1Asset (T1A)

Tier1Asset (T1A)

T1A is Europe’s leading IT refurbisher. We offer certified data erasure using blancco on site and at our facilities, providing environmentally sound disposal of your used equipment.

Data Eliminate

Data Eliminate

Data Eliminate provide data destruction, secure end-of-life IT asset disposal, and data protection consultancy services.

Ukrainian Academy of Cyber Security (UACS)

Ukrainian Academy of Cyber Security (UACS)

UACS is a professional non-profit public organization established to promote the development of an extensive network and ecosystem of education and training in the field of cyber security.

Jacobs

Jacobs

Jacobs is at the forefront of the most important security issues today. We are inspired to be the best and deliver innovative, mission-focused outcomes that matter to our clients.

eXate

eXate

eXate provides pioneering technology that empowers organisations to protect, control and manage their sensitive data centrally, providing a complete data privacy solution.

Cyber Range Solutions (CRS)

Cyber Range Solutions (CRS)

CRS provides cyber security training and improve security team performance by providing a hyper realistic, virtual training environment.

Porto Research, Technology & Innovation Center (PORTIC)

Porto Research, Technology & Innovation Center (PORTIC)

PORTIC brings together several research centers and groups from P.PORTO in a single space, forming a superstructure dedicated to research, technology transfer, innovation and entrepreneurship.

Trapp Technology

Trapp Technology

Trapp Technology combines the very best cloud, Internet, IT managed services, and IT consulting to provide a true all-in-one IT solution for small to mid-sized businesses.

Silverse

Silverse

At Silverse, we specialize in building a comprehensive cybersecurity journey, anchored by our extensive experience, industry expertise, and an ecosystem of trusted partners.

Runecast Solutions

Runecast Solutions

Runecast Solutions is a global leader in AI-powered risk mitigation, security, continuous compliance and more efficient IT operations management.

Internet Initiative Japan (IIJ)

Internet Initiative Japan (IIJ)

IIJ is one of Japan's leading Internet-access and comprehensive network solutions providers.