Thursday, October 6, 2011

Is Bank of America's Website Under Attack?

10/05/11 Screenshot of B of A website
Article first published as Is Bank of America's Website Under Attack? on Technorati.

For nearly a week now, the Bank of America website has been experiencing 'problems' and the homepage warns of possible slow page loads,  "We value your business and appreciate your continued patience. Most of our site is working normally, but you may experience occasional delays."

Bank of America has denied they are being targeted in a coordinated attack but the timing is certainly suspicious.

Speculation is rampant that B of A is being targeted by a distributed denial of service' (DDoS) attack, where an army of compromised computers simultaneously and repeatedly flood a website with bogus page requests until it slows to a crawl or crashes completely. DDoS is a low-level attack, not actually a security breach. It simply overwhelms a website with traffic making it inaccessible.

The problems started soon after B of A came under heavy criticism for their new policy to charge debit card users a five dollar monthly fee. This has produced a strong reaction from users and throughout the blogosphere.

There is also the growing 'Take Back Wall Street' protest, which has spread from NY City, across the country. It expresses the frustration many feel toward the banking systems' roll in the financial crisis.

A prominent hacker group, 'Anonymous' has pledged to support the protesters by attacking NYSE on Oct 10 in retaliation for the arrests of hundreds of protesters.
Historically, computer malware has been used to steal credit card numbers and passwords, but recently, hackers have turned their bot-net army toward websites to make a political statement.

There is even a downloadable program circulating online to voluntarily join a botnet and participate in DDoS attacks against perceived hacker and free speech foes.

Pay-Pal and Mastercard were targeted after they refused to process donations for Wikileaks editor and Internet whistle-blower, Julian Assange.

Other prominent targets of politically motivated dDos attacks include the Music Recording and Motion Picture Industry websites and the US Copyright Office.
Bank of America's lack of transparency about the problem has fueled speculation and concern.  If this is a simple DDoS attack against B of A, and not an actual server compromise, you may have trouble accessing the website, but customers' data should still be safe.

No comments:

Post a Comment