Huge DDoS Attack Leaves Chilean Bank in the Dark

A recent cyberattack on Banco de Chile was just another example of hackers deploying DDoS as a diversionary tactic.

From SYN floods to Network Time Protocol attacks to domain name system amplification attacks, DDoS campaigns can take any number of forms — and they’re increasingly used as a mechanism of sociopolitical disruption. “DDoS is often used to raise awareness and protest, to say, ‘We brought down your site; nobody can get to you because we don’t like you,’” explains CSO. “It’s a platform for activism.”

However, over the last 12 months, hackers have gone beyond statement-making by leveraging DDoS as a diversionary tactic situated within a broader — and more material — attack.

Most recently, Chile’s largest bank, Banco de Chile (BDC), was hit with a DDoS attack that led to the unauthorized transfer of $10 million to several Hong Kong-based accounts.

 

Ay, Ay, Allende: A (Ten) Million Dollar Misdirection

On May 24, unidentified hackers used a DDoS attack to flood BDC’s systems with traffic, resulting in the crash of 9,000 workstations and 500 servers. Naturally, the bank diverted all of its IT resources to getting its systems back online as quickly as possible. But in doing so, it overlooked an even graver problem.

While BDC’s IT teams were preoccupied with the DDoS attack, the hackers unleashed a strain of wiper malware similar to the NotPetya virus unleashed on Ukraine in 2017. This allowed the hackers to compromise several critical endpoints in BDC’s digital infrastructure and initiate a series of fraudulent transactions over the bank’s Society for Worldwide Interbank Financial Telecommunication (SWIFT) network — the primary channel through which financial institutions exchange funds.

By the time BDC realized what was happening, the hackers had successfully executed four transactions totaling $10 million. But for BDC, the costs didn’t stop there. The bank halted almost all operations at its 400 branches in response to the attack, and didn’t return to full operationality for the better part of two weeks.

 

Not the First Time

Unfortunately, the BDC incident is just the latest plotpoint in an increasingly concerning trend. Two years ago, hackers attempted to steal nearly $1 billion from Bangladesh Bank through a similar manipulation of its SWIFT network. Their first five transactions — totalling just over $100 million — went off without a hitch, but the remaining thirty were derailed by a simple spelling mistake that raised suspicion among regulators.

Similarly, hackers managed to siphon between $18 million and $20 million from Mexico’s Bancomext central banking system this past May — again, just a fraction of their $110 million target.

 

Keeping Your Company Safe

Ultimately, these kinds of attacks are so common — and so often at least partially successful — because they’re cheap and easy to execute without much technical savvy.

Government authorities are doing their part to crack down on this strain of cybercrime — European law enforcement agencies recently crippled the world’s largest DDoS-for-hire service by seizing control of its website and arresting six of its top administrators. But individual companies have a responsibility to protect themselves and their assets, as well. This means identifying and addressing cybersecurity gaps, building a culture of cybersecurity awareness, crafting a proactive incident response strategy, and more.

At Turn-key Technologies, we’ve been assessing, securing, and managing IT infrastructures for nearly three decades. Our award-winning technicians have the know-how necessary to tailor our cybersecurity solutions to each of our clients’ unique needs, making us the perfect partner for any organization looking to steel itself against DDoS attacks and any other cyber threat they face.

By Tony Ridzyowski

July 26, 2018

Sign up for the TTI Newsletter

Our website uses cookies to ensure you get the best experience while you’re here.

TTI logo

Please, rotate your device