More Details Of Crippling Attack On UK Bank Emerge

Uploaded on 2017-04-07 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

Lloyds Bank was the target of a cyber attack which stopped a substantial number of customers using their online accounts.

The breakdown in service from the group, including Halifax and Bank of Scotland, came after the websites were overwhelmed with millions of requests in a denial of service attack.

It is particularly worrying for banks that the disruption lasted three days. Lloyds revealed little at the time, despite a flood of Twitter complaints. But it has emerged that the National Cyber Security Centre is working with the bank on the attack.

The problems started on Wednesday morning, 11 January 2017, and continued in fits and starts until the following Friday, with some customers still unable to log into their accounts over the weekend.

Despite speculation that a number of banks may have been targeted, it appears that the internet gang concentrated its fire on Lloyds.

In the past, denial of service attacks have been perpetrated by customers with a grudge or by blackmailers, but there is no indication from Lloyds that a ransom demand was received.

At the time, the bank was adamant that the "vast majority" of users were able to gain access to their accounts and move money around as normal.

Cash untouched

It's likely that systems engineers blocked all internet traffic from overseas locations where the attacks seemed to be coming from, halting the disruption at least temporarily before the attackers switched their activity elsewhere.

In contrast to the hacking of Tesco Bank in November, in which £2.5m was taken, there is no indication that criminals got their hands on cash in Lloyds bank accounts.

However, the new National Cyber Security Centre, part of GCHQ and the UK's authority on cyber-security, is understood to be working with Lloyds on security after the attack.

It said: "The NCSC and Financial Authorities work with firms to provide guidance and support if needed... including offering help on managing incidents."

Lloyds Banking Group issued the following statement: "We experienced intermittent service issues with Internet banking between Wednesday morning and Friday afternoon the week before last and are sorry for any inconvenience caused.

"We had a normal service in place for the vast majority of this period and only a small number of customers experienced problems.

"In most cases, if customers attempted another log in, they were able to access their accounts. We will not speculate on the cause of these intermittent issues."

BBC

Britain Bombarded With High Level Cyber Attacks:

Only 20% Of UK Banks Can Properly Detect Breaches

Hackers Target All The Major UK Banks:

 

« Britain Bombarded With High Level Cyber Attacks
London Conference: Protecting Critical Infrastructure »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Beyond Security

Beyond Security

Beyond Security is a leader in automated vulnerability assessment and compliance solutions - enabling customers to accurately assess and manage security weaknesses in their networks and applications.

Axis Capital

Axis Capital

AXIS Insurance’s Professional Lines Division is a leading underwriter of technology/cyber coverage and other specialty products around the globe.

HYAS Infosec

HYAS Infosec

HYAS is a highly skilled information security firm developing the next generation of information security technology.

SECURITI.ai

SECURITI.ai

SECURITI.ai's PrivacyOps platform is a full-stack solution that operationalizes and simplifies privacy compliance using robotic automation and a natural language interface.

CyberMDX

CyberMDX

CyberMDX delivers proactive security built for hospital devices. 360° visibility, insight, and protection for all connected hospital technologies.

Cybeta

Cybeta

Cybeta's actionable cybersecurity intelligence keeps your business safe with strategic and operational security recommendations that prevent breaches.

Constella Intelligence

Constella Intelligence

Constella Intelligence provides digital risk protection services to quickly and efficiently disrupt cyber attacks and data breaches before they occur.

Everbridge

Everbridge

Everbridge provides enterprise software applications that automate and accelerate organizations’ operational response to critical events in order to keep people safe and businesses running.

Stratia Cyber

Stratia Cyber

Stratia Cyber is an independent, technology agnostic company providing high quality, pragmatic cyber security consultancy and expertise.

Cyber Unit

Cyber Unit

Cyber Unit offer next level protection from cyber attacks in packages and pricing options that are accessible to smaller organizations.

Archer Technologies

Archer Technologies

Archer helps organizations manage risk in the digital era—uniting stakeholders, integrating technologies and transforming risk into reward.

Stratascale

Stratascale

Stratascale is a consultant, systems integrator, and technology advisor with expertise in Automation, Cloud Ascension, Cybersecurity, Data Intelligence, and Digital Experience solutions.

SafeBase

SafeBase

Safebase provide the infrastructure for Trust Communication. Our Trust Center enables Security and Sales teams to share and automate access to security, compliance, and privacy information.

Zally

Zally

Using advanced behavioural biometrics and AI, Zally is the world's answer to next-generation security.

Applaudo

Applaudo

Applaudo specializes in helping the world’s most admired brands optimize their IT solutions, reduce delivery costs, and accelerate their digital transformation.

TrueDeploy

TrueDeploy

Making Software Security EASY. The Security Status of Your Software in One Place. All you have to do is Deploy.