HSBC fights off denial of service attack on its internet banking systems
HSBC has confirmed that it fought off a denial of service attack on its internet banking systems this morning.
A spokesperson for HSBC said: "HSBC internet banking came under a denial of service attack this morning, which affected personal banking websites in the UK.
"HSBC has successfully defended against the attack, and customer transactions were not affected. We are working hard to restore services, and normal service is now being resumed. We apologise for any inconvenience this incident may have caused."
HSBC's online banking login page currently displays a notice which says "We'd like to apologise to all our customers for Online Banking being unavailable. We know how inconvenient this is and we are doing everything we can to rectify the problem. Please try later."
A denial of service attack floods a site with junk traffic so it cannot respond to legitimate requests for access - like stuffing a letterbox with junkmail so that genuine letters can't be received.
When these attacks harness the power of thousands or millions of computers in the form of a botnet, these distributed denial of service attacks (DDos) can cause problems for the largest organizations.
HSBC UK internet banking was attacked this morning. We successfully defended our systems. 1/2
-- HSBC UK (@HSBC_UK) January 29, 2016
These types of attacks are getting more powerful. For example, Arbor Networks' survey found the largest attack reported last year was 500Gbps, with others reporting attacks of 450Gbps, 425Gbps, and 337Gbps.
It's not the first time that the bank has faced a denial of service attack: back in 2012, HSBC servers came under a denial of service attack which affected a number of HSBC websites around the world.
Update 5PM: the bank said it is continuing to see DDoS attacks "but normal service is returning". It said it is working closely with law enforcement authorities "to pursue the criminals responsible for today's attack on our internet banking." It said for urgent transactions customers should visit their local branch.