Financial organizations tend to be very prominent targets of cyber attacks for obvious reasons. The potential windfalls from the hacking of a bank or other financial institution can be very large. For instance, the Tesco Bank hack, in which attackers were able to get away with £2.5m ($3.1 m) from 9000 customers. In this case, the bank had to then repay all of the funds that customers lost in the hack. In a recent incident, the Lloyd’s Banking Group was subjected to a DDoS attack, which caused temporarily disrupted services.
The incident took place around two weeks ago, and lasted for two days. It is suspected that an international hacking group was the perpetrator of the attack. The DDoS attack resulted in customers being unable to make payments or check their account balances. In a statement to IBTimes UK, a Lloyd’s spokesperson said, “We experienced intermittent service issues with internet banking between Wednesday morning and Friday afternoon the week before last and are sorry for any inconvenience caused. We had a normal service in place for the vast majority of this period and only a small number of customers experienced problems. In most cases if customers attempted another log-in they were able to access their accounts. We will not speculate on the cause of these intermittent issues.”
Valuable Assets Were Left Untouched
Fortunately, unlike the Tesco Bank hack, there were no resulting financial losses from Lloyd’s or its customers. It also does not appear that any of Lloyd’s company data, or its customers’ data was affected. At this point, it appears that the hacker’s goal was purely disruption, as no other type of breach has been mentioned in any reports. Many times, when it comes to a DDoS assault, attackers will demand a ransom for the onslaught to cease, but this did not seem to be the case.
Lloyd’s is not alone when it comes to being hit by this type of attack. Over the past two years, several other British banks, such as HSBC and Royal Bank of Scotland, have also been affected by service outages caused by floods of fake requests. These threats to the British financial infrastructure were part of the reasoning behind a pledge from Chancellor Philip Hammond to spend an additional £1.9b for the protection of UK online defenses. The additional funds will benefit the National Cyber Security Centre, which is a newly formed division of the surveillance agency GCHQ.