By Mike Lenon on January 30, 2016
British bank HSBC has managed to gets its Internet and mobile banking systems back online after crippling distributed denial of service (DDOS) attack knocked systems offline on Friday.
"HSBC internet and mobile banking are now fully recovered. Thanks for your patience and again we apologise for the disruption," the bank on Twitter.
HSBC originally said that it had successfully defended the attack, but systems remained offline and inaccessible for many customers for hours on Friday.
"HSBC has suffered another high profile website outage that has left its customers in a very awkward position, especially given today is when most people in the UK get paid and have to settle bills,” Richard Kirk, SVP at AlienVault, told SecurityWeek. “HSBC claims that the attack was successfully defended and this is most likely true, to the extent that if it is a DDoS attack, then the online systems can be quickly taken offline to prevent any potential damage,” Kirk said. However this does not help its customers. Questions that need to be asked are, is a DDOS attack a network or security concern? This is an important consideration, since it will dictate what response is triggered.”
“In today’s cybersecurity landscape, all companies should expect to be targeted by attackers. While it’s essential to consider prevention strategies, it’s equally important to consider recovery and to be positioned to bounce back quickly and maintain continuity,” said Monzy Merza, chief security evangelist at Splunk. “Organizations need to have a deep understanding of their infrastructure and environment, meaning that full visibility is the key. A successful recovery plan includes visibility, analysis and automated and human-mediated response capabilities. The HSBC breach shows us that attacks are bound to happen and a well-instrumented organization can recover from even the most sophisticated attacks."
HSBC did not say who may be responsible for the attack, and so far, no public claim of responsibility from any hacktivist or other cybercriminal group has been made.
According to BBC Technology Correspondent Rory Cellan-Jones, HSBC was not the only bank hit with attacks this week.