







Due to the poor information technology in XYZ bank, the bank is exposed to a number of information security attacks. The attacks may stem from the threats identified in the previous section. Details of such information security attacks are given below,

1.DDoS or Distributed Denial of Services attack is a security attack that floods the network with huge amount of traffic until it goes beyond the limit of the network. Failing to handle the overwhelming traffic, the network goes down and becomes unavailable to the legitimate users. Attackers use compromised computers or zombie networks for such attacks. A network like XYZ bank, that has so much vulnerability and almost no security measurements, are likely to be a suitable target for the DDoS attack. It will cause severe business downtime, losses to the business and may be losses to the assets of the bank.

2.Malware attack can be caused by virus, spyware, Trojans, rootkits etc. These are categorized under software attack and are highly likely to affect the systems of XYZ bank. The bank has no firewall, antivirus software. So such virus attack may outbreak into the bank’s systems. These types of malware attacks are potentially dangerous. It is sometimes hard to find the sources. In many cases the viruses remain hidden in the system and do nuisances like stealing of data, wasting computing resources etc. It will downgrade the performance of the whole infrastructure severely (Andress, 2014 ).

3.Spam is another type of attack likely to affect the email system. Spam is similar to electronic junk mails. Here, the attacker sends unsolicited junk mails to the recipients. As there is no content filtering, the email server is likely to be a victim of spam attack. Spam is a serious security consideration as it may be extended to severe security attacks by delivering spyware, Trojan and other types of malware. It can be used for finding target for phishing attacks (Forouzan, 2012).