Anonymous has remained true to its commitment to a 30-day campaign against central bank sites across the world. Last week’s pre-emptive DDoS attacks against the Bank of Greece revived Operation Icarus, announcing that “Olympus will fall”.
Operation Icarus commenced in January 2016 against the “Global Banking Cartel” which Anonymous, together with a very large part of the global population, hold responsible for economic inequality and recession. They deplore the immunity from punishment financial institutions are enjoying despite the severity of the financial crimes they’ve committed.
May 4th saw the resumption of #OpIcarus with an attack on the Bank Of Greece. Bank officials, however, were quick to downplay its severity, stating that they’ve experienced some amount of downtime that the bank’s IT team attempted to reduce.
At this point it’s important to note that no financial transactions are taking place through the Bank Of Greece website. Its only purpose is informational, so no matter how effective the DDoS attack was, the effect it had on the backbone infrastructure can be considered minimal.
Since then, the weekend of 7th and 8th May saw a resurgence in attacks against the Central Banks of the Cyprus, the Netherlands and the Maldives, warming up for even bigger targets.
It’s not the first time that Greek Banks have been been subject to DDoS attack. Last December the Armada Collective used such an approach against the National Bank of Greece, with a more sinister philosophy than that of the more idealistic Anonymous. Armada asked for ransom in return for not escalating the attacks which would supposedly have brought the sites to a halt. These are sites that carry out real transactions both with the public and other Banks through the Interbanking system; had the attacks been successful, the damage taken would have been substantial.
So what is this infamous DDos Attack?
It’s an attack where the hackers overload the website with mass requests, causing it to collapse under the heavy load. Although its effectiveness can be debated, with most of the attacks causing disruption rather than real damage, there are cases in which well coordinated and sustained attacks can lead to prolonged blackouts that force owners into paying the demanded ransom. Such a case was Armada’s strike against a number of Swiss hosting providers, in which an email sent to their officials explains the process of performing such an attack, making for an informative and revealing read.
So when officials or representatives announce that the downtime was “not such big a deal” and that it was successfully mitigated, it could be very well mean the opposite, covering up the real story of how the DoS attack was paid off rather than fought off. How we can find out what really happened is a difficult problem.