LATEST INTELLIGENCE
MULTINATIONAL BANK THWARTS DDOS ATTACK TO REPAIR PRODUCTIVITY LOSSES AND RESCUE REPUTATION
PRESENTED BY
tThe Situation
On a Friday evening after typical closing time , a multinational bank based in Africa had to resort to enabling geo-blocking on their network to stop a merciless DDoS attack .
The bank had been enduring the attack for most of the day , placing both their ISPs under extreme strain . Neither of the two ISPs had any proper DDoS mitigation capabilities .
The productivity hit would be costly , and the bank ’ s reputation was in jeopardy . They needed immediate help to stop the attack and put DDoS identification and mitigation measures in place to stop future attacks .
The Details
Once they realized they were under attack , the bank ’ s NetOps and SecOps staff researched DDoS Mitigation options and were directed to the Arbor Cloud™ DDoS Mitigation Service by a mutual partner .
Download whitepaper here
The attacks suffered were suspected to be part of the campaign that had been ongoing in Sub-Saharan Africa for several months .
A group with access to a substantial botnet claiming to be Fancy Bear had been targeting the financial sector in various countries at the end of 2019 .
Due to the geo-blocking , the banking customers were now cut off from the rest of the world . The attack was volumetric in nature and was targeted at their web services infrastructure . The network would have eventually come down under the pressure and all bank activity would have stopped .
The NETSCOUT ® Arbor team jumped on to a conference call with the customer and informed the customer about the Arbor Cloud Emergency Provisioning Service .
Furthermore , the NETSCOUT Arbor team established that the customer had a / 24 IPv4 prefix , which would make invoking traffic redirection to Arbor Cloud using Border Gateway Protocol ( BGP ), a valid mitigation strategy .
In parallel to the emergency provisioning of the Arbor Cloud DDoS mitigation service , the next step was for the customer to repurpose a decommissioned server
22 INTELLIGENTCIO EUROPE www . intelligentcio . com