These days we don’t have to worry with just the criminals in our community. Attacks may come from thousands of miles away.
Recently there have been stories in the news media about Distributed Denial of Service (DDoS) attacks directed against banks. In these types of attacks, cyber criminals send a flood of internet requests to a bank’s website. This “digital deluge” makes it appear that the site is down and something bad has happened (or is happening). Such attacks are usually distractions meant to disguise some other criminal activity or to draw attention to a particular social issue. For example, a recent DDoS attack occurred immediately prior to a criminal attempt of a fraudulent wire transfer. Customer data is generally not vulnerable due to these DDoS episodes.
The flood of internet requests that characterize a DDoS attack can come from a small discrete block of computers or, in sophisticated attacks, from thousands of computers whose owners may or may not be aware of what is happening.
The attacks themselves are hard to predict and avoid. However, we can do things both to prepare and to respond to this particular type of threat.
Should Peoples Bank be the target of a DDoS attack, here is what you should know.
In the event of a DDoS attack, our systems will immediately send an alert and trigger our mitigation protocol. We will then be looking at our internal network traffic to ensure no other suspicious activity is taking place “under cover” from the DDoS event.
While our technical team is addressing the issue, we will escalate our customer communication efforts. Peoples Bank maintains alternate communication channels to keep you informed if our primary web page is inaccessible. If the web site is “down” or slow to respond to your requests, you should check the below sites regularly or, if the attack is affecting a large swath of the internet, contact our customer service team. You may wish to print this list or put this information in a convenient place for future reference.
- Twitter: Follow the bank’s Twitter feed at @realpeoplesbank to get updates in real-time.
- Facebook: We maintain a community page at www.facebook.com/therealpeoplesbank.
- Peoples Voice blog: Our blog site resides on a separate server than the primary web page. The direct web address is https://blog.peoplesbanknc.com.
- Customer Service: Customer service representatives are available by phone from 8 am to 7 pm, Monday through Friday. Dial 828-466-1765 or toll-free 877-802-1212. Emails to customer service can be addressed to email@example.com.
Should a DDoS attack affect our web site’s performance or any of our internet processes, we will be immediately working with trusted vendors to 1.) ensure there is no compromise in customer data security and 2.) restore operations to your expectation and needs.
Bank data, not just the money in our safe, is under constant threat. Peoples Bank is always working to guard your customer information. We work closely with federal and state agencies and we adhere to IT security best practices. Our network is “hardened” with top-of-the-line hardware and software and we keep it current with advances in technology. Secure entry protects our facilities. Our website is also designed to withstand the threat of hackers and cyber attack.
Sometimes DDoS attacks originate from a proxy, from computers infected with a virus or other malware. Some financial institutions experienced a DDoS attack from software that was secretly installed on their customers’ computers! These customers were unaware of the malicious software that caused such trouble.
Banks are not the only ones who need to verify their computers are running current operating systems, with up-to-date software patches. Customers also need to make certain their devices are secure and clean from infection of malicious software. This requires a good regimen of “digital hygeine” for computers and mobile devices such as tablets and smart phones. It also requires a strong password for the computer itself and for web sites where sensitive information is stored. Check out How to Protect Your Identity on TheRealPeoplesBank.com and be sure to read about these topics from our series of online security blog posts.