Home / Industry

Tips to Address New FFIEC DDoS Requirements

Recently, the FFIEC released statements that describe steps it expects financial institutions to take to address cyberattacks — like distributed denial of service (DDoS) attacks — and highlight resources institutions can use to help mitigate the risks posed by such attacks.

The statement went so far as to say that FFIEC members "expect financial institutions to address DDoS readiness as part of their ongoing information security and incident plans. More specifically, each institution is expected to monitor incoming traffic to its public website, activate incident response plans if it suspects that a DDoS attack is occurring, and ensure sufficient staffing for the duration of the attack, including the use of pre-contracted third-party servicers, if appropriate."

While this is common practice for many of the largest financial institutions today, these new recommendations have thrown many smaller banks and credit unions for a loop. In an effort to help financial institutions of all sizes address the new FFIEC guidelines, Verisign and Juniper Networks recently held a joint webinar to highlight what exactly these new guidelines mean for financial institutions, and explain DDoS attacks and common options that leading institutions use today for DDoS protection and mitigation. All of this was discussed in the context of the six key focus areas described by the FFIEC statement: risk assessment, monitoring, incident response, staffing, information sharing, and ongoing evaluation and assessment.

There were several questions during the webinar, including the following two highlighting some key industry challenges:

Q: How does the financial industry compare with others in terms of frequency of DDoS attacks?

At Verisign we compile and analyze data on attack attempts against our customers. Based on 2013 attack activity, about 45 percent of DDoS attacks targeted the financial services industry. Our customer base is weighted toward financials — indicative of the importance of this type of protection to the industry — so it's not too surprising that the vertical represents a high percentage of activity.

Q: NTP attacks have been in the news lately. What are these?

In the webinar, we described NTP amplification attacks that we've seen over the past several years, which rely on a weakness in the User Datagram Protocol (UDP) that allows an attacker to impersonate (spoof) the victim when requesting data from a third-party server. By sending small requests to many third parties that result in large responses directed towards the victim, the attacker can overwhelm victim resources while using relatively few of his own. NTP is a UDP-based protocol like DNS, but it's used to allow computers across the Internet to synchronize their internal clocks so they all agree on what time it is. There are many "open" NTP servers on the Internet that will respond to any request, and the attackers use these servers as the third party in amplification attacks against their victims. The majority of large attacks we have seen over the last year have been amplification attacks. Having a robust network and application layer DDoS protection solution is the best way to protect against these attacks.

For more information about how to implement a DDoS protection strategy, watch the on-demand webinar or read an earlier blog post, How Financial Institutions Can Up Their Game Against DDoS Attacks.


About Verisign – Verisign, a global leader in domain names and internet security, enables internet navigation for many of the world's most recognized domain names and provides protection for websites and enterprises around the world. Verisign ensures the security, stability and resiliency of key internet infrastructure and services, including the .com and .net domains and two of the internet's root servers, as well as performs the root-zone maintainer functions for the core of the internet's Domain Name System (DNS). Learn More

Related topics: Cyberattack, Cybercrime, Cybersecurity, DDoS, Networks


Don't miss a thing – get the Weekly Wrap delivered to your inbox.

Related Blogs

Related News

Explore Topics

Dig Deeper

DNS Security

Sponsored by Afilias

Mobile Internet

Sponsored by Afilias Mobile & Web Services


Sponsored by Verisign

IP Addressing

Sponsored by Avenue4 LLC

Promoted Posts

Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s. more»

Industry Updates – Sponsored Posts

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Attacks Decrease by 23 Precent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

Leading Internet Associations Strengthen Cooperation

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate

2016 U.S. Election: An Internet Forecast

Government Guidance for Email Authentication Has Arrived in USA and UK

ValiMail Raises $12M for Its Email Authentication Service

Don't Gamble With Your DNS

Defending Against Layer 7 DDoS Attacks

Understanding the Risks of the Dark Web

New TLD? Make Sure It's Secure

Verisign Releases Q2 2016 DDoS Trends Report - Layer 7 DDoS Attacks a Growing Trend

How Savvy DDoS Attackers Are Using DNSSEC Against Us

Facilitating a Trusted Web Space for Financial Service Professionals

MarkMonitor Partners with CYREN to Deepen Visibility into Global Phishing Attacks

Verisign Named to the Online Trust Alliance's 2016 Honor Roll

Verisign Q1 2016 DDoS Trends: Attack Activity Increases 111 Percent Year Over Year

Is Your TLD Threat Mitigation Strategy up to Scratch?

Mobile Web Intelligence Report: Bots and Crawlers May Represent up to 50% of Web Traffic