Speaking on Wednesday at CERIAS 2013, Mamani Older told an audience that massive DDoS attacks have become “business as usual” for Citi, and that those launching the attacks have fallen into a predictable schedule of attacks. Hump day, she said, is Citi’s turn to fend off a torrent of Internet traffic designed to interrupt the bank’s operations and sever its connections to its customers, she said. “We should be getting hit right now,” she said, according to a report by The Security Ledger.
A group that calls itself the Izz ad-Din al-Qassam Cyber Fighters has taken responsibility for the attacks on banks and financial services organizations as retaliation for insults to the Muslim religion, such as the incendiary YouTube film Innocence of Muslims.
But Older said she suspects that not all of the denial of service attacks aimed at Citi can be traced back to tension between the West and the Middle East. “We’ve seen other (DD0S) attacks disguised as this type of attack, but that didn’t come from these individuals. These were coming from other parts of the world,” she said. The DDoS attacks, she said, may well be “a distraction.” “We believe there’s more malicious activity going on behind the scenes. It could be internal – employees within the company – or external. We haven’t been able to find it yet,” she said.