Over a million developers have joined DZone.

A DDoS Attack Hit HSBC, Taking Them Down for Hours

Security: it's not just an IT concern, but a business issue. HSBC was smacked with a DDoS attack, and went down for several hours. Check out the performance problems that hit HSBC with this DDoS attack.

· Performance Zone

See Gartner’s latest research on the application performance monitoring landscape and how APM suites are becoming more and more critical to the business, brought to you in partnership with AppDynamics.

HSBC reported a Distributed Denial of Service (DDoS) attack last Friday that resulted in an outage lasting several hours. Despite being isolated to the UK HSBC website (http://www.hsbc.co.uk/), the downtime left a lot of customers without any access to the banking site.

To add salt to the company’s already painful wound, the outage couldn’t have come at a worse time—the final Friday of the month is typically a payday for UK businesses, not to mention the end of January is also a critical time for tax returns.

The incident was reported Friday morning, however, our charts displayed indicators that are typical of a DDoS attack as early as Thursday evening.

Web page response times began to spike around 10:30 p.m. GT, with test failures beginning around 7:00 a.m. GT Friday. These failures included connection failures and test timeouts caused by increased latency while sending data.

HSBC performance chart

When you dig deeper into the data and other metrics available, you will see that it shows the servers were having issues delivering the bigger assets on the page, like jpg, png and js files, prior to the outage. This is evident by looking into the metrics that show the latency with sending the data from the servers, more specifically wait (time to first byte) and load (from first byte to last byte) times.

HSBC performance chart

Since the DDoS attack was impacting the web server’s ability to send data efficiently, they eventually failed to establish connections with the end users at all as the servers became overloaded. This led to frustration on both sides, as the outage lasted intermittently for several hours.

While it’s impossible to prevent all outages from happening, using a monitoring tool that delivers the ability to catch problems sooner can decrease your risk of failures and DDoS attacks. As a digital performance analytics platform, our customers are able to receive timing alerts on of any of the metrics discussed above, empowering them to preempt the attack before a failure occurs.

The customer experience should be the top priority for every digital business. Though it hasn’t been confirmed when exactly HSBC became aware of this issue, it’s clear that arming your business with the proper tools can mean the difference between experiencing a minor dip in performance and suffering a complete interruption of your users’ access to your site.

The Performance Zone is brought to you in partnership with AppDynamics.  See Gartner’s latest research on the application performance monitoring landscape and how APM suites are becoming more and more critical to the business.


Published at DZone with permission of Mehdi Daoudi, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

The best of DZone straight to your inbox.

Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}