Nordea: The power and duration of cyber attacks are completely unprecedented, intended to destabilize society

Nordea says those targeted at the bank denial of service attacks have been unique in their power.

Director responsible for Nordea’s personal customer business in the Nordic region Sara Mella said on Tuesday that the attacks were on a completely new level based on four specific reasons:

1. Long duration of attacks

The denial of service attacks have already lasted a month continuously, while previously the maximum duration had been four days.

According to Mella, 90 percent of the attacks have been repelled.

2. Power of attacks

Denial of service attacks have been 15 times stronger than before.

While in the past, one million service requests per second were sent in denial-of-service attacks, now 15 million requests per second have been sent.

3. Source direction of attacks

Denial of service attacks have exceptionally also come from Nordic IP addresses, which has made it difficult to combat them.

Denial of service attacks usually come from other directions, in which case Nordea has been able to fight off the attacks with so-called geoblocking, where all requests from the attacking countries have been cut off for the duration of the attack.

4. Unknown motive for the attacks

The attacks have not been given any stated purpose, i.e. the attackers have not, for example, asked for money to stop the attacks.

“In other words, the purpose of the attacks seems to be to destabilize society and undermine trust through the public debate in society,” said Mella.

He also emphasized that there must be a person with a lot of money behind the attacks for a month.

”

“The purpose of the attacks seems to be to destabilize society.”

Nordic according to Denial of Service attacks are usually done by subcontracting.

Mella estimates that the cost of the service blocking attacks, which have lasted for a month now, is “in the double-digit millions of euros”. He did not want to take a position on whether the attacker was a state entity.

The main focus of the attacks has been on Sweden, but all Nordea countries have been targeted by an unprecedented number of attacks.

When in the first half of the year Nordea had been the target of a service denial attack 20 times, now there have been more than 360 attacks, Mella compared.

“This duration is completely different from before.”

Denial of service attacks have been much more public in Finland than in Sweden. According to Mella, Nordea has had to carefully consider how much information is given about the matter, because they did not want to promote the upsetting of social peace that the attacker intended.

“We interpret that the target of the attack is society’s critical infrastructure. Nordea has been used as a tool in that.”

Between according to Nordea has been successful in repelling attacks.

The main disadvantage has been that it has not necessarily been possible to log into the bank’s services at the desired time.

“However, every day the services have been accessed later.”

Nordea estimates that it has repelled approximately 90 percent of the attacks, so that the effects have not been visible to customers in any way.

Nordic service requests from Nordic IP addresses made using new technologies give reason to suspect that the attacker has hijacked the addresses of Nordic households for his own use.

“Home appliances have probably been used as botnets. Society needs to discuss the importance of protecting online home appliances.”

Mella says that Nordea has discussed the matter with the authorities.

“I believe that we need more civic skills in order to understand and know how to act in such situations.”

He emphasized the importance of resilience:

“That society maintains trust and that society defends itself.”

Nick goes on Wednesday, October 16 for the parliamentary finance committee to hear to report the attacks. The theme of the discussion is security of supply.

Nordea emphasizes that customer data is safe in service denial attacks, but the attacks cause delays in accessing services.