HSBC recovers from DDoS attack, after internet banking services disrupted

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

HSBCHSBC has successfully recovered from a distributed denial-of-service (DDoS) attack which saw a number of its websites brought down, making it impossible for customers to use internet banking services.

The international bank stressed that no customer data was impacted by the attack in a statement posted on its website:

On 18 October 2012 HSBC servers came under a denial of service attack which affected a number of HSBC websites around the world.

This denial of service attack did not affect any customer data, but did prevent customers using HSBC online services, including internet banking.

Sign up to our free newsletter.
Security news, advice, and tips.

We are taking appropriate action, working hard to restore service. We are pleased to say that some sites are now back up and running.

We are cooperating with the relevant authorities and will cooperate with other organisations that have been similarly affected by such criminal acts.

We apologise for any inconvenience caused to our customers throughout the world.

According to an update posted on its website, HSBC restored all of its websites globally to full accessibility as of 3:00am UK time.

DDoS attacks, which are illegal, occur when a criminal commands a number of computers to bombard a website with unwanted traffic.

In many cases, the computers used in an attack will have been hijacked by hackers using malware, and will be taking part in the assault without the knowledge of their owners. In other cases, people will willingly participate in a DDoS attack.

A co-ordinated deluge of web traffic can effectively clog up a website, preventing legitimate visitors from reaching the site, and bring it to its knees.

You can picture a distributed denial-of-service attack as being something like 15 fat men trying to get through a revolving door at the same time. Nothing moves.

Of course, denial-of-service attacks are no laughing matter.

Some DDoS attacks have been perpetrated for political or hacktivist reasons, while others have tried to blackmail money out of large companies.

Don’t allow your computer to be caught up in a denial-of-service attack. Now would be a good time to ensure that you have good defences in place to prevent your personal computer from being recruited for someone else’s online fight.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.