Financial institutions have always been a prone target for criminals looking to cause havoc. Lloyds Bank users were recently affected by a massive DDoS attack. A criminal aimed to extort US$93,600 from the bank to halt these attacks, which took place between January 11 and 13. During this DDoS attack period, Lloyds Bank users were unable to log onto the online business platform. This goes to show the financial sector has not paid much attention to cyber security just yet, even though they should know better.
Lloyds Bank DDoS Attack Was A Nuisance
Every time an online portal for financial services is affected by a DDoS attack, it leaves customers without access to their own finances. In the case of the recent Lloyds Bank DDoS attack, clients had trouble accessing their bank account and finances for nearly three full days. Thankfully, the matter was resolved rather quickly, as the assailant did not sustain this attack once it became clear the bank had no intentions of paying him off.
The person behind this large-scale DDoS attack was hoping to receive a US$93,600 paycheck from Lloyds Bank to halt the ongoing DDoS attack. When it became clear that would not happen anytime soon, he eventually relented. Not only was the amount far too steep for the bank to pay, the attacker also wanted to receive the funds in Bitcoin. For some reason, online criminals still assume Bitcoin provides them with anonymity, while it is anything but a viable payment method for criminal activities.
Although the investigation into this DDoS attack is still ongoing as we speak, it remains unclear who is behind it. Preliminary research seems to indicate the attack came from an overseas location, although no specific information has been revealed to the public just yet. What is of particular interest is how the extortion, mail was addressed to one specific Lloyds Bank employee, although it remains unclear why this was the case.
In the end, very few Lloyds Bank customers experienced a major issue due to this ongoing DDoS attack. In most cases, the services remained accessible, albeit they worked a lot slower for most people. Thankfully, the bank got away with this incident without having to pay the rather large “fee in bitcoin. However, it remains unclear if the vulnerabilities exploited by this particular assailant have been closed off for good.
Header image courtesy of Shutterstock