On June 19, 2015, FINRA issued an Information Notice on recent Distributed Denial of Service (“DDoS”) attacks by DD4BC, a cyber-criminal group. According to FINRA, DD4BC appears to be targeting financial services and broker-dealer firms that have an online presence.
A DDoS attack will overwhelm a website or network with incoming messages, thereby rendering the site unavailable for its intended users. In recent attacks, DD4BC has first sent the firm an email announcing that the firm will be the target of a DDoS attack. Next, DD4BC will demand a ransom paid in Bitcoin. DD4BC will then conduct a “demonstration” attack, lasting for approximately one hour, and will threaten to continue the attack if the firm refuses to pay the ransom within 24 hours.
On February 3, 2015, FINRA issued a Report on Cybersecurity Practices that highlights effective practices firms can implement to strengthen their cybersecurity programs. Elements of a robust DDoS plan may include the use of mitigation and monitoring tools, such as service-provider-side traffic filters, and contingency communication plans for customers if a firm’s website becomes unavailable.