Prolexic Technologies recently announced that financial services firms were the big target of attackers during Q1 2012. (It’s not surprising that Prolexic discovered this – their business is in protecting companies from DoS attacks.) This is one of a number of key findings contained in the company’sQuarterly Global DDoS Attack Report.

The Prolexic Security Engineering & Response Team (PLXsert) team logged an almost threefold increase in the number of attacks against its financial services clients during Q1 compared to Q4 2011, as well as a 3,000% increase in malicious packet traffic. The company also mitigated more attack traffic this quarter than it did in all of 2011.

“This quarter was characterized by extremely high volumes of malicious traffic directed at our financial services clients,” said Neal Quinn, Prolexic’s vice president of Operations. “We expect other verticals beyond financial services, gaming and gambling to be on the receiving end of these massive attack volumes as the year progresses.”

During Q4 2011, over 168 trillion bits of data and 14 billion packets of malicious traffic were identified as targeting financial services clients. This quarter, 5.7 quadrillion bits of data and 1.1 trillion malicious packets were identified and successfully mitigated, representing a 3,000% increase in malicious packet traffic over Q4 2011.

Other report highlights

Compared to Q1 2011

• 25% increase in total number of DDoS attacks
• 25% increase in Layer 7 (application layer) attacks
• Shorter attack duration: 28.5 hours vs. 65 hours
• Decline in UDP Floods and increase in GET Floods

Compared to Q4 2011

• Total number of attacks was virtually unchanged
• 6% rise in Layer 7 attacks
• Average attack duration declined to 28.5 hours from 34 hours
• China remains the top source country for attacks but the U.S. and Russia both move up in the rankings

Key trends to watch

In Q1 2012, average attack durations continued to edge down, dropping from 34 hours in Q4 to 28.5 hours this quarter. Of note, average attack bandwidth increased to 6.1 Gbps, up from 5.2 Gbps in the previous quarter. Taken together, these two metrics confirm previous trend predictions of shorter attack durations, but with higher traffic volumes. This conclusion can be drawn when comparing data from Q1 2012 and Q4 2011 as well as Q1 2012 and Q1 2011.

Infrastructure layer attacks targeting Layer 3 and Layer 4 continue to be the choice of attackers, however, this quarter showed a 6% increase in DDoS attacks targeting the application layer (Layer 7). PLXsert believes that there will be a gradual shift to Layer 7 attacks over the long term.  Regarding attack types over the last 12 months, UDP Floods have declined in popularity with SYN Floods emerging as the “go to” attack type.

Data for the Q1 2012 report has been gathered and analyzed by the Prolexic Security Engineering & Response Team (PLXsert).

A complimentary copy of the Prolexic Quarterly Attack Report for Q1 2012 report is available as a free PDF download from www.prolexic.com/attackreports. Prolexic’s Q2 2012 report will be released in the third quarter of 2012.

The post Hackers targeting financial services firms appeared first on Finance Tech News.

At a recent gathering of BankTech Executive Summit, the folks from the open-source organization Red Hat made a strong pitch to C-suite folks for standardizing their systems on an open source platform.

Red Hat got its start via connections to Wall Street in the United States and it appears in a prime spot to help top-level executives get over their reservations about using open source technologies.

For many in the financial services industry (and for that matter, health care and other industries), the lack of standardization in systems that need to talk with one another is a big concern.

If a critical mass of financial institutions coalesce around an open source platform, many of the challenges of the industry could be resolved to a certain extend.

Does it make sense?

Read more about the Red Hat push on ZDNet.

The post Red Hat courts financial service appeared first on Finance Tech News.