The New York Stock Exchange in lower Manhattan. The threats last year went beyond core financial services to back-office firms. “They definitely did their homework,” Jerry Perullo, chief information security officer of the stock exchange, said of the hackers.
Photo: carlo allegri/Reuters By James Rundle The Wall Street Journal Biography @JimRundle [email protected] Feb. 9, 2021 5:19 pm ET | WSJ ProLate last year, more than 100 financial-services companies across the world received threats from a group of hackers who claimed destructive attacks would follow unless large payments were made.
The demands started to arrive in late summer, and it quickly became clear they were from the same source, according to the Financial Services Information Sharing and Analysis Center, a cybersecurity consortium of nearly 7,000 financial companies.
“After about four or five members raised their hands to say that they were seeing similar activity, that’s when we started diving into a potential campaign against our members,” said Teresa Walsh, global head of intelligence at FS-ISAC.
The hackers launched distributed denial of service attacks on particular companies to demonstrate their ability to make good on the threats. In DDoS campaigns, a system is flooded with data requests in an attempt to shut it down. In this case, accompanying messages promised more powerful attacks, and daily increases in the amount of money it would take to call them off, if companies didn’t pay.
Newsletter Sign-up
WSJ Pro CybersecurityCybersecurity news, analysis and insights from WSJ's global team of reporters and editors.
PREVIEWSUBSCRIBE“This accumulat ..
Support the originator by clicking the read the rest link below.
