Hacktivist group Izz ad-Din al-Qassam Cyber Fighters, which have previously conducted distributed denial of service (DDoS) attacks known as Operation Ababil Phase 1, Operation Ababil Phase 2, and Operation Ababil Phase 3 that targeted financial institution websites since September 2012, have announced more attacks against U.S. financial institutions are forthcoming.
Although banks have defended well against the previous DDoS attacks carried out by the hacktivist group, reports indicate that the new phase of attacks known as Operation Ababil Phase 4, will be different from the previous phases of attacks as documented in Intellishield alert 27076
. As a result, financial institutions need to remain vigilant for future attacks.
There has been a quiet period since phase 3 and the announcement of phase 4 of the attacks which may have given the Izz ad-Din al-Qassam Cyber Fighters time to improve there attack techniques or have identified potential smaller targets. During this quiet period, security researchers have seen a growth and maintenance in Brobot, the botnet used in previous attacks, which is a further indicator that the attackers may be planning on conducting further attacks with greater impact.
Cisco has released a guide to protecting environments against DDoS attacks at the following link: Strategies to Protect Against Distributed Denial of Service (DDoS) Attacks
Cisco has released an Applied Mitigation Bulletin available at the following link: Identifying and Mitigating the Distributed Denial of Service Attacks Targeting Financial Institutions