FINRA Warns Broker-dealers About Increase in Denial-of-service Attacks
FINRA warned broker-dealers last week that several FINRA members have recently been the victims of distributed denial of service (DDoS) attacks from a criminal group known as DD4BC. (In general terms, a DDoS attack bombards a target website with messages in an effort to make the site unavailable to legitimate users.) According to FINRA, DD4BC first sends its target a ransom request for a Bitcoin payment. This is followed by a short “demonstration” DDoS and a threat of further attacks if payment is not made within 24 hours.
FINRA has advised member firms to contact the FBI, SEC, and FINRA if they are contacted by DD4BC or receive similar attacks or threats. To help prevent and respond to DDoS attacks, FINRA also suggested that firms employ “DDoS mitigation and monitoring tools” (such as those provided by an ISP) and establish a “contingency communications plan[] for customers if a firm’s website is unavailable.”
