Slashdot Mirror
Finnish Bank OP Under Persistent DDoS Attack
An anonymous reader writes The Finnish bank OP Pohjola Group has been a target of a dedicated DDoS attack for days. The attack, which investigators said was launched from both Finland and abroad, began on New Year's Eve. OP was forced to open a helpline for customers unable to confirm payments or transfer money because of jammed systems. On Saturday the firm said it would compensate people for any losses or late payment fees incurred as a result of attack. On Sunday morning the bank tweeted that its services were operating normally and even customers based outside Finland were able to access their accounts — and that it was still monitoring traffic carefully to try and ward off any renewed strikes. However, on Sunday afternoon further denial of service attacks took place delaying payments and preventing access to banking services for OP customers. A formal police complaint has been filed and OP says that KRP is looking into the case.
So lots of DDoS been going on recently.
Technical fix?
That traffic be too OP for OP to handle...
Buck Feta. You know what to do.
God prefers stone tablets. They last longer, at least if you don't intentionally smash them...
Sleep your way to a whiter smile...date a dentist!
Sure... Linux will solve all DDoS problems with fairy dust and other magic.
I'm by no means a fan of Windows, but install any odd Linux distribution of a few months old on a public IP address, with most standard features enabled and let's see how long it lasts without getting exploited.
Also, Linux solves nothing if you're on the receiving end of a very large DDoS. The only thing that will help you then is sufficient bandwidth, sufficient server capacity and dedicated, specialized filtering equipment. Then again, it's still hard to fight many of those "semi-intelligent" DDoSes and even the best hardware and massive pipes will get you only so far.
It's time to see those DDoSes for what they really are: Lame acts of vandalism or extortion. There's nothing clever about them and they're causing an increasing amount of financial damages, often also a lot of collateral damage. Maybe it helps if those who initiate them get caught more often and don't get away with a few weeks of house arrest and public service.
There are service providers that specialize in DDoS mitigation. Some of them already host banks (lots of them, in some cases), and have multiple terabits of bandwidth available to survive DDoS attacks with minimal impact. They're able to mitigate attacks in the hundreds of gigabits.
They're not cheap, but they work, and banks tend to be able to afford it.
At least it's only a DDoS attack and not a full scale DDoS hack.
New mouse does this. Wanted to mark funny, ended up as troll. Replying to fix.
...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
linking on Slashdot won't help fixing a DDoS.
Guess there is a reason for DDoS but couldn't find it in your message. Without this is no new, just rubbish!
In addition to OP (Osuuspankki), Nordea has also been attacked, and even Danske Bank is having troubles at the moment, though it's not known if they're being DDOSed or if it's just the usual incompetence.
Maybe they know you won't and they are trying to slur a competitor who would never spam /. for that I am going to click the link and buy some WINE Is Not an Emulator...
DDOS requires close to zero skill with all that bandwidth available today.
You might as well burn the building down but doing that actually requires some skill.
Question... Does /. send my login details over https?
Finland, like other countries that have had security incidents, seeks to protect itself ....
Supo wants expanded net surveillance powers - 20.6.2013
The head of the Finnish Security Intelligence Service (Supo) has told the business daily Talouselämä that his organization wants increased funding and expanded powers to carry out surveillance of internet traffic.
Five years ago, the Swedish Defence Radio Authority (FRA) was authorized to warrantlessly wiretap all telephone and internet traffic that crosses Sweden's borders. According to Supo chief Antti Pelttari, Finland should consider introducing the Swedish model here as well.
"Our legal mandate is to ensure the security of the State of Finland and its social system from both internal and external threats," said Pelttari. "There must be means available to monitor what is transmitted through data networks, and the capacity to identify and evaluate anomalies," he added.
I wonder who is attacking the Finns, and who would have reason to? Russia has been menacing Finland and its neighbors in the Baltics with incursions by aircraft and submarines. There is concern that Russia may turn on Finland after Ukraine. The Baltic states and other targets of Russia have suffered similar attacks coming from Russia.
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
I see no other reason for this DDoS attack but vandalism of some sort. The attackers have no political agenda (this is a small Finnish bank, not one of the big tax-haven transfer banks like UBS. It also has no political connections/owners.
The attack also has no way of obtaining any useful info, as all banks in Finland use one-time passwords for login.
"The agriculture ministry is not in charge of Gundam" - Japanese ministry official.
No. You login as AC over http.
Sleep your way to a whiter smile...date a dentist!
http://www.independent.co.uk/n...
Religion is what happens when nature strikes and groupthink goes wrong.
It's time we started charging those who launch DDOS attacks with "terrorism". They impact the entire public community of their target, with widespread damages and effects to both the user and provider of the DDOS'd services. Lock the bastards up when they're caught for far, FAR longer than happens now. :(
I do not fail; I succeed at finding out what does not work.
I knew it. Something was a-miss this morning, some hidden urge or itch was there. I am sure you know this feeling, you know something is wrong but do not know exactly what. You took cover away and then the difficult to identify feeling becomes a full blown itch and burn - this big monster is called Putin sending his proles to do their dirty deeds.
But seriously - I know there are technical means to mitigate such attacks but they are still an annoyance and the only way to combat those is to go after the attackers. Pointing fingers in general direction of Putin, Russia or Zamunda is not going to do anything but raise tensions possibly, strengthening this overwhelming feeling that conflict is inevitable making the conflict in fact inevitable - if you are under pressure from all sides you may justifiably feel threatened , sort of self fulfilling prophecy.
Yet from another angle - all the BS that NSA and security military industrial complex did over years is making me uneasy about any request for more power. Clearly the police needs more powers to find perpetrators of such acts of IT violence but we also know that they are going to abuse that as soon as they get those new powers. Thus NSA is also a culprit then.
How interesting that you post it in a story about a DDoS. Want to give us ideas how to deal with that spam?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Not every problem is a nail. No matter how much you love your hammer.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Could be a customer of the disgruntled kind. At least that was my first thought.
SLOWER TRAFFIC KEEP RIGHT
Are we 4chan yet?
CLI paste? paste.pr0.tips!
Unlike ecommerce sites that are open to any new customers, it seems a bank could easily have warded off such an attack with a Bayesian or other learning algorithm. Assuming two-factor auth, you have a list of all of your clients most common authenticated IP addresses. Add those to an allow or positive factor list. Then take all unknown IPs and add them to a negative list. When you are being overwhelmed by a DDOS, the negative list can simply be discarded while the positive list has priority at the router. While this would not entirely stop the effects of a DDOS it should make it a much more underwhelming attack rather than a an all-out crippling of infrastructure.
When the foot seeks the place of the head, the line is crossed. Know your place. Keep your place. Be a shoe.
Anyone checking the back door while the front one is being DDoSd?
It's a great distraction to take eyes of a real attack via more profitable and less visible vectors.
blindly antisocialist = antisocial
if you look at the source, it appears the answer is YES. however i dont get whats going with all the ascii art and braintreepayments.com in the beginning. sorta weird.
login -
form action="https://slashdot.org/my/login" method="post" onsubmit="if (global_returnto) { this.returnto.value = global_returnto }" class="embedded">fieldset style="-webkit-border-radius:10px 10px 0 0;border-radius:10px 10px 0 0;-moz-border-radius:10px 10px 0 0"
Please tell the audience more about your wines and vineyard history here. We are all listening!
You are a tapdancing cow!!
If you log in to Slashdot as a user, the password is sent over HTTPS, but then your session cookie is sent over HTTP where anyone can Firesheep it and pretend to be you. Only subscribers are protected from cookie copying.
Am I tepples, or am I pretending to be?
So what do you propose to fight dancing pigs? Should governments make it illegal for members of the general public to own a machine that both connects to the Internet and gives the owner administrative access? Or should ISPs require PC owners to surrender administrative access to the ISP using something like Trusted Network Connect, as Alsee predicted would happen sometime this year?
Pretty much
Yes but HOW are they running the DDOS on them? Through windows zombie PC's from Joe Shmo that doesn't realize his box is rooted and wonders why his cable internet is so slow? Yarp!
Linux isn't a magic bullet but consumer education on the issue is a good start, and Microsoft fares better when it doesn't educate users about such things.
No. But we have to address it soon or we WILL get what you propose. Because that's probably what governments would certainly enjoy, and with insecure computers littering the net with their garbage, they have every excuse to demand it.
I'd be very happy about laws that make you responsible for what your computer does on the net. I'm required to keep my car in good repair so the brakes work and the lights indicating what I'll do, too, if I want to participate in traffic (not to mention that I'm required to know the relevant laws and rules). I'm required to keep my house in decent repair and keep people from squatting there if I don't want to be held responsible for damage that can be traced to my negligence. No matter what hobby I may have, as soon as it could possibly have some sort of impact on others there are a lot of regulations I have to heed to be allowed to do it.
Just when it comes to hooking your computer to the internet you can be as much of an idiot as you can be and not be responsibly for diddly squat.
Why?
One thing is certain: More and more computers on the internet are infected in some way, becoming malware infested bots that are used by criminals in various nefarious ways. This will eventually lead to governments passing laws to stop that. It's only logical. It's the only thing governments could do to stop it, since the criminals are usually way outside their jurisdiction. And unless we find a way to solve this problem, they will solve it. And rest assured, their solution will certainly mean as much control over your machine as they can get away with.
My suggestion in this context would be that people become responsible for what their computer does. And if they can't show that they have taken just and reasonable actions to reduce the chance of being infected, I'd throw them in with the actual criminal for aiding and abetting. Without going overboard with it, I'd already consider it quite just and reasonable if people kept their system updated (which is the default setting for contemporary systems) and took reasonable care to avoid infections (installing some sensible antivirus should do). Nothing that would require any kind of learning or even knowing what they're doing, don't worry.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Without going overboard with it, I'd already consider it quite just and reasonable if people kept their system updated (which is the default setting for contemporary systems) and took reasonable care to avoid infections (installing some sensible antivirus should do).
Can an antivirus be called "sensible" if it has only batch scanning like ClamAV as opposed to "real-time" scanning? If not, what "sensible" antivirus might users of GNU/Linux or OS X use?
I was giving examples. Take "just and reasonable" precautions and you're fine.
I agree in principle. I also agree with you that early legislation will cause wide-reaching unintended consequences.
Whatever just and reasonable is would be up to a court.
The imagined threat associated with "Trusted Network Connect" is that ISPs might require all subscribers to run ISP-approved antivirus on an ISP-approved kernel. If there's no available antivirus for a particular operating system, the ISP will just decline to approve the operating system and thus won't give the subscriber an IP address outside its private internet. The court would likely end up ruling that ISPs, as private sector companies, have the right to choose their customers.
One thing is certain, we will get some kind of legislation in this matter. Corporations are losing money and it's impossible to catch the actual criminals.
The fear is that Microsoft and Apple will fool ISPs into thinking GNU/Linux users such as myself share enough overlap with "the actual criminals" to warrant an ISP-imposed ban on connecting a home PC running a free operating system to the Internet.