DDoS attack forces Dutch bank offline

The outage of Dutch bank Rabobank last weekend was caused by a massive DDoS attack. The perpetrators are still unknown. The bank reports the attack to the police.

After two days of mystery surrounding the outage Rabobank gave Dutch IDG-title Webwereld a statement explaining the breakdown of both its website and its e-banking services. The Dutch bank was hit by a large DDoS attack (Distributed Denial of Service). The outage of Rabobank happened saturday evening and again sunday afternoon. The website and e-banking services were inaccessible for desktop and mobile users.

Domino effect

The DDoS attack also caused an outage in the Dutch central payment system iDeal. That alternative to PayPal was flooded with returned transaction messages from the attacked bank. This DoS-‘attack’ (Denial of Service) caused the payment system to go partially down.

http://webwereld.nl/nieuws/105785/rabobank-legt-ideal-plat-met-dos–aanval—-update.html

A spokesperson for iDeal-operator Currence tells Webwereld that the buffer of one of its two platforms was filled up. Banks that were connected to that affected platform were also unable to process iDeal payments.

Attackers

Rabobank has now stated that is was under attack by unknown parties. The website Rabobank.nl was bombarded with large amounts of traffic and subsequently collapsed. This was done with intent, says the bank. It will therefore file a police report about this DDoS attack. A spokesman could not tell Webwereld where the DDoS attack originated. “That is part of the investigation, about which we wil make no statements.”

The bank already suspected that the outage was caused by malicious intent. It did not utter this suspension publicly until tuesday evening after it had confirmed the cause of the breakdown. Questions from Webwereld about the nature of the problem and the countermeasures had therefore not been answered yet.

Customers cut off

Rabobank’s e-banking service was unreachable during the weekend on both saturday and sunday. To deflect the attack Rabo altered the DNS (domain name system) records for it’s website. As a result the site was unreachable for the attackers but also for the general public.

Dutch customers of the bank have been complaining about the site and e-banking system being down long after the actual outage had been resolved. The bank was in discussions with local telecoms companies and internet providers to provide connections to Rabobank for their respective customers. This took until monday. Customers outside of the Netherlands were cut of until at least tuesday afternoon.

Government site hit by DDoS

Last week the centralized website of the Dutch government (Rijksoverheid.nl) was hit by a massive DDoS attack. A spokesperson told Webwereld that the attack originated “from a foreign country”, but refused to specifiy that claim. The government website was offline for several hours. During that attack the website of the government organisation Rijkswaterstaat.nl was also hit, albeit only for a short time. The government has filed a police report.