Hack attack: How a big bank beat the bots

Instead of a breach, they got improved cybersecurity and web performance

by AT&T Business Editorial Team

It was an ordinary spring at one of the largest publicly-traded banks in the U.S. until warning signs started appearing on IT dashboards. Automated bots were systematically, relentlessly attacking customer accounts, trying to give hackers access to sensitive information.

Brute force

Malicious bots are scripts written by bad actors that can be easily distributed across computer networks. If the bots can breach cybersecurity defenses, whoever unleashed them can steal, damage, or destroy critical data and customer information. They can also deface websites with malicious messages, infect customer devices with malware, ransomware, or viruses, and even hijack web servers to facilitate other criminal activity. It’s a technique known as a brute force, or credential-crack, attack.

Day after day, the bank CSO and team played an escalating game of cat and mouse. The attackers were changing tactics on the fly, enabling the bots to keep probing customer accounts with thousands of possible usernames and passwords, systematically narrowing down the single combination that would grant the hackers access.

Big bank, big risk

The C-suite knew a lot was on the line. According to Ponemon Institute, security breaches are 1.7 times more costly for Financial Services than for any other industry. And this bank had hundreds of locations, thousands of employees, millions of customers, and billions in assets.

The deluge of login attempts was locking customers out of their accounts. Call center resources were soon overwhelmed. The bank’s own monitoring systems also struggled to stay online under the weight of the unexpected traffic.

The risk of full-scale fraud was rising.

The solution

The bank worked with AT&T Business to rapidly deploy Bot Manager Premiere on the AT&T Content Delivery Network service (CDN). In a single weekend, Bot Manager not only helped stop the attacks, it also helped the bank construct more intelligent defenses that can protect them in the future by staying current on emerging threats.

Because not all bots are bad (some are from search engines and business partners), Bot Manager identifies and categorizes them at the CDN level, allowing them to be routed appropriately. Friendly bots can go where they need to go. But unfriendly bots? They don't just get blocked—that simply helps them refine their approach and try again. Instead, they can be slowed down, fed fictitious information, or even welcomed into areas where they can't do any harm.

The results

Brute force attacks can be difficult to detect and even harder to stop. AT&T Business provided one of the largest banks in the U.S. with flexible tools to identify, categorize, and analyze bot traffic. Instead of a crippling breach, they gained improved web performance, increased online revenue, reduced fraud risk, and a reputation for secure transactions that remains intact.

Want to know if your current defenses are up to par? Take this cybersecurity risk and readiness assessment.

AT&T Business is a leading provider of Edge-to-Edge solutions for Financial Services, and the largest SD-WAN provider globally. Achieve smarter, more trusted interactions with business solutions that integrate our unique ecosystem of technology and expertise with our highly-secure global network to obtain near real-time intelligence from every corner of your enterprise.