We’ve written about banks that have been hacked, including the rash of banking sites infected with denial of service attacks this year.
Add Bank Innovation to the list.
Starting last Thursday, BankInnovation.net came under hack attack. Malware was injected into our server — we are trying to figure out exactly how — caused a phishing attack of unknown origin and unknown purpose. Well, we know the purpose is nefarious; we just don’t know the nefarious purpose.
By Friday night we solved the problems and made the site live again. We do not believe any visitor to the site was in any IT danger, otherwise we would have kept the site closed. We first closed down the site around midday Eastern time on Thursday.
I share this news with you not just because we believe in transparency, but because it has taught us a valuable lesson: not just massive sites are vulnerable. Recently, data was released that showed DOS attacks took up 700% more bandwidth last quarter than in 4Q 2012, like multiplying cancer cells:
So where do the attacks come from? China was the leading source; DDOS traced to that country accounted for nearly 41 percent of the total, followed by the U.S., which accounted for nearly 22 percent. Germany, Iran and India rounded out the top five. … But the main thing to understand is that the attacks themselves are getting nastier.
To say that we are troubled by it — or newly troubled by it after our experience last week — is an understatement. We are doing everything we can to avoid problems on Bank Innovation in the future, and we are newly dedicated to stemming hack attacks wherever they rear their ugly heads. We hope you are with us.
UPDATE: We’ve seen that NetBanker and Finovate have been down for much of today, and hope they’re not dealing with the same problems Bank Innovation did.