Denial-of-service attacks target Nordea bank amid Quran protests in Sweden

A denial-of-service attack, such as one against a bank, is always possible if the attacker has more resources than the defender, according to Mikko Hyppönen, research director at cybersecurity firm WithSecure. “Broad communication channels can be overwhelmed; it’s purely mathematics. If the bandwidth is a million, you just send a million and one bytes of traffic, and it will crash,” Hyppönen explains.

Nordea announced today that the recent disruptions were due to technical changes made overnight between Saturday and Sunday. However, denial-of-service attacks have been an ongoing issue for the bank. A group called RootDoS has publicly claimed responsibility for the attacks, stating their motivation relates to the burning of Qurans in Sweden. Hyppönen is skeptical: “I find it hard to swallow. It could be true, or there might be something else behind it, and this is just a cover story.”

According to Hyppönen, some servers at Nordea also faced an attack that triggered a so-called reflective attack, causing innocent servers worldwide to unexpectedly receive traffic from Nordea. “As a result, a Finnish person traveling in New York may be unable to access online banking because local operators are limiting traffic to Nordea, thinking it’s the attacker,” he clarifies.

Hyppönen commends the police for their proactive measures, noting they have warned thousands of potential phone scam victims through text messages—a first in Finland. He believes this initiative will help keep recipients alert, even if it startled many. He predicts an increase in fraud due to the high level of system sophistication and a small language area, making Finland potentially vulnerable.

Cross-border fraud is difficult to combat, requiring international laws and cooperation. Scammers often pose as bank or official representatives to trick individuals into transferring money to “secure accounts,” which are then moved to other EU countries, frequently Latvia or Lithuania. In these instances, the impostors may even wear helmets to evade recognition during cash withdrawals.