“Problems logging in to the big bank” is a common headline in the media recently.
Banks’ problems can be due to various reasons, but according to IT security expert Marcus Murray, they also have a problem with overload attacks.
– It is a method used to influence public opinion, trust in our financial system, and so on, he says.
Recently, banks have had recurring problems with logging in and various operational disruptions. Last Sunday, both Handelsbanken and Swedbank had problems where customers could neither log in to the website nor in their internet and mobile banking.
None of the banks wanted to go into more detail about what caused the disturbances.
“We must ensure that our systems are available and if we experience disruptions, we must rectify them as soon as possible. Customers should not worry as their money and data are safe. And of course we apologize when it doesn’t work as intended”, writes Swedbank’s communicator Love Liman Jacobsson in an email to TV4 Nyheterna.
Last week, Nordea had extensive disruptions, where several of the bank’s customers had difficulty logging in. According to Nordea, it was precisely overload attacks, the bank’s press department told TT.
Can overload the systems
IT security expert Marcus Murray believes that the problems with the banks can be due to various reasons. But says that the banks generally have a problem with DDoS attacks. This means that an actor floods a local network, an app or service with unusually large volumes of traffic so that the system becomes overloaded – and that customers do not arrive.
– It is a method used to influence public opinion, trust in our financial system and so on. That is the reason such attacks occur, says Marcus Murray.
60 percent of all the world’s attacks take place in EMEA, the Middle East, North Africa and Europe.
– Because here we are in war situations. We have war in Palestine, Lebanon, Israel and we have the war in Ukraine. We see that there is a very strong connection today.
“People should think it’s worse than it is”
Russia has a lot of activity in DDoS attacks – but they are not alone in that, says Murray. But he also points out that the attacks are not dangerous.
– If you get worried when you read about it in newspapers and in the media, then the threat actors benefit. But if you understand that this really only happens to make people think it’s worse than it is – then it’s not so dangerous.
– So it’s a type of graffiti, they scribble a bit, it’s hard for a while then you wash it off and move on. And then there is no danger at all.