In recent weeks, major bank websites around the world have experienced outages after being have been hit with Distributed Denial of Service (DDoS) attacks. Although few, if any, of these banks have been totally knocked offline, these DoS attacks have dramatically slowed the response time of their websites to legitimate customers. The most recent victim was the Royal Bank of Scotland. Due to this attack, RBS customers were unable to access their accounts for about an hour last week.

Earlier this year, RBS was also attacked on the day they were supposed to make 600,000 payroll and other payments to customers' accounts. As a result, they were unable to make those payments as scheduled. This resulted in a number of very unhappy and disgruntled customers who did not receive their credits on time and therefore were unable withdraw funds or pay their bills.

The FBI has reported that these types attacks are becoming increasingly common among banking websites, also reporting that over 100 banks had been attacked just since just April of this year. Apparently, the attackers are seeking to extort money from the banks in exchange for avoiding these DDoS attacks.

The new attacks are different from the previous ones, primarily in their scale. These attacks are peaking at 60 -150 Gbps, while most DDoS attacks use less than 1 Gbps. While these attacks involve greater bandwidth, they seem to be coming from just 2000-3000 machines, rather than the hundreds of thousands of machines that have been involved in previous DDoS attacks.

Apparently, these attackers have found a way to send a much greater number of packets per machine, making them even more dangerous. In addition, since banks utilize the most secure websites in the world, the fact that they are susceptible to these DDoS attacks, with highly-trained security personnel and state-of-the-art security devices, tells us that nearly every other website is susceptible to these same attack and attackers.