Banking Giant HSBC Suffers Cyber Attack

February 05, 2016//Ellen Neveux

Last Updated: May 30, 2018

In its second service outage in the month of January, Europe’s largest lender, HSBC, was the target of a distributed denial of service (DDoS) attack that took HSBC offline to consumer and commercial interests in the United Kingdom.

As a global financial interest, HSBC has a history of security breaches caused by third-party vendors. In November 2014, a data breach exposed the account information of more than two million Turkish customers. In April of 2015, HSBC informed regulators of a breach exposing the personal information of mortgage holders that may have been ongoing for the better part of a year.

In the current case, HSBC suffered a DDoS attack at January month-end, coinciding with the first pay period for many in the UK, and close to the British deadline for tax filings.

Earlier in January, an IT problem prohibited more than 17 million customers from logging into HSBC online banking services. Noted HSBC CEO for the UK, John Hackett, “There is a complex technical issue with our internet banking systems, and our IT team has been working non-stop since yesterday morning to find a solution. This has involved many tests, diagnostics and trial runs. We are getting closer to solving the problem, but are not there yet. We can, however, confirm this is not a cyber-attack or any other malicious act.”

The latest service disruption in late January was due to cyber attack. During the outage, HSBC officials tweeted, “HSBC UK internet banking was attacked this morning. We successfully defended our systems.”

Damage of DDoS attacks on the rise
DDoS attacks aim to slow or take business offline, sometimes resulting in crippling financial loss. Internet service is interrupted when botnets are remotely instructed to overwhelm a particular website.

In the last two years, DDoS attacks took a darker turn. In addition to disrupting service, launch of a DDoS attack often leads to additional challenges that include the following:

  • Quiet exfiltration of data while IT specialists address the DDoS
  • Compromise of account access information
  • Businesses can go dark for several days, or even weeks, seriously compromising business and devastating brand reputation

In media reports, one data expert noted, “We’ve seen DDoS attacks against banks used as a smoke screen and cover for other nefarious activities such as cyber-heists … large value money transfers, or the bulk theft and removal of consumer account data.”

For bad actors, DDoS attacks are relatively inexpensive to launch, and easy to maintain. Once a company suffers a DDoS, the odds are good the attack will recur in a period of days or months.

While HSBC noted it had successfully defended its systems during the DDoS attack, the institution is working with the government agency, Computer Emergency Response Team (CERT-UK) to pinpoint the criminal elements involved. For a company with a long history of data theft, fraud, and third party vendor data breach, HSBC has significant compliance and consumer service challenges ahead.

The need for secure network solutions
Network intrusion is inevitable — the question is whether businesses and enterprises are prepared.

Contact us for expert vendor management risk solutions.

Subscribe to the SecureLink Blog.
close close