This PLXsert analysis of global DDoS attacks indicates cyber attackers are using DDoS attacks to influence market values and interfere with exchange platforms.
2. www.prolexic.com
What is a DDoS cyber attack?
• DDoS: Distributed denial of service
• These cyber attacks can:
– Degrade an organizations’ online presence
– Restrict availability of its online services
• Attacks against the financial industry are growing
• Cyber attackers are interfering with
– Stock values
– Financial markets
– Commodity markets
2
3. www.prolexic.com
What is market manipulation?
• Deliberate and malicious interference with market
values
• Attempts to create an artificial price for a tradable
security
• DDoS cyber attacks have sought to:
– Reduce the availability of products and services from
publicly traded companies
– Shut down financial exchange platforms
– Harm consumer and investor confidence
3
4. www.prolexic.com
Malicious actor: L0ngWave99
• Responsible for Operation Digital Tornado
• Attack campaign ran for 3 months in early 2012
• Hit US securities and commodity exchanges
• Claimed to be motivated by political ideals
• Supported the Occupy Wall Street movement
• Harshly criticized policies of the U.S. government
and international finance institutions
4
5. www.prolexic.com
Malicious actor: Al-Qassam Cyber Fighters (QCF)
• Responsible for Operation Abibil
• Attack campaign ran for a year and a half – from
January 2012 through August 2013
• Hit American financial firms, U.S. securities and
commodities exchanges
• Used the itsoknoproblembro DDoS toolkit
• Believed to be located in the Middle East
• Promotes pro-Palestine and anti-Western rhetoric
5
6. www.prolexic.com
Examples of DDoS cyber targets
• Country of Estonia
• Individual firms
– Global media and entertainment company
– Large national oil and natural gas company
• Exchanges
– Hong Kong Stock Exchange news site
– Online finance and trading platform
– U.S. securities and commodities exchanges
– Bitcoin exchange
Details are available in the complimentary white paper, DDoS
Attacks Against Global Markets
6
7. www.prolexic.com
Underground market services malicious clients
• Robust DDoS-as-a-Service marketplace
• DDoS tools available:
– Vary from simple to complex
– Permit the orchestration and management of large
numbers of zombie bots
• Clients rent ready-to-use botnets
• New! Flexible usage-based botnet pricing
– Adjusts the rental fee based on the size of the botnet
desired by a customer
7
8. www.prolexic.com
What’s next?
• Insurgency groups migrate their tactics online
– They adopt hacktivist iconography
– They target American and Western organizations
• Financial industry works to be better prepared for
future DDoS cyber attacks
• Attacks spread to other industry verticals,
wherever the most damage can be inflicted
• Organizations that are hit while unprepared will
suffer losses of public and investor confidence
8
9. www.prolexic.com
White paper: DDoS Attacks Against Global
Markets
• Download the white paper, DDoS Attacks Against
Global Markets in which PLXsert shares its insight into
the use of DDoS cyber-attacks to influence stock prices
and limit trading, including:
– Market manipulation
– 10 DDoS attack campaigns and their market effects
– Perpetrators, their attack methods and public statements
– Types of malicious actors and their motives
– Three groups responsible for most attacks
– Underground ecosystem that supports DDoS cyber attackers
9
10. www.prolexic.com
About Prolexic
• Prolexic Technologies is the world’s largest and
most trusted provider of DDoS protection and
mitigation services
• Prolexic has successfully stopped DDoS attacks for
more than a decade
• Our global DDoS mitigation network and 24/7
security operations center (SOC) can stop even the
largest attacks that exceed the capabilities of other
DDoS mitigation service providers
10