As promised, cyber attackers delivered yet another blow to banks in the U.S. and there’s a good chance it’s affected you and your efforts of checking your balance, transferring money or paying bills. The question is: who’s really behind these attacks and when will they stop? Better still: what are the banks and federal law enforcement doing to rein these hackers in?
It started mid-September when the websites of JPMorgan Chase, Bank of America and a few other big banks were targeted by cyber attackers who say they were upset about the YouTube video that put Muslims in a bad light. The attacks began days after an embassy bombing killed two Marines and a U.S. Ambassador.
The problems continued today with the customer websites of Bank of America, JPMorgan Chase, Wells Fargo, U.S. Bank and PNC Bank continued to shield a barrage of attacks that equated in obtrusively slow responses and even complete shutdowns at different times. At least one group, Izz al-Din al-Qassam Cyber Fighters – who have also claimed responsibility for all the attacks – released a statement on Wednesday. In it, a promise was made to attack PNC Financial Services again on Thursday. Indeed, that site remains inaccessible and arguably has had the biggest problems today.
Now, many experts in the security sector are calling this one of the worse attacks they’ve ever seen. Known as “denial of service” attacks, the hackers have managed to keep the pressure on while bypassing efforts of security leaders. The massive traffic that’s being sent to the bank websites are designed to slow and crash the sites sporadically. These were the “largest ever recorded by a wide margin” according to more than a few of the analysts.
What’s most interesting – and is just now emerging – is banks are routinely targeted with these types of attacks. Consumers rarely know this because the security of the banks and other financial websites is so strong, it’s barely a hiccup. Now, though, these hackers have clearly outsmarted the best in the business.
The volume of traffic sent to these sites is frankly unprecedented,
said Dmitri Alperovitch, co-founder of CrowdStrike, a security firm that has been investigating the attacks since they began. Alperovitch says it’s “10 to 20 times the volume that we normally see, and twice the previous record for a denial of service attack.” For most of us, understanding how the attacks work is complicated; however, it comes down to the ability of the hackers to gain access to “thousands of high powered application servers and point them at the targeted banks”. Once that happened, they were “in”. Soon, the banks’ servers were completely overwhelmed and legitimate efforts to access the sites by customers were frustratingly slow or inaccessible.
Despite the worrisome nature of these attacks, it should be noted no data has been breached or stolen and no customer accounts are at risk of being hacked. ATMs are safe too. What’s most worrisome to experts is the level of pre planning that seems to be a part of these series of attacks. Those experts say most denial of service types of hacks are “effective but unsophisticated”. They’re also short lived; after all, it doesn’t include any true hacking. The data’s not stolen and no one’s personal information is actually stolen – these efforts are simply for the frustration factor. These new attacks are far and beyond any efforts of the past. They’re consistent, they’re being promised as delivered (which frustrates law enforcement because they have warnings that the attacks are coming, and yet, have not been able to prevent them) and there are so many groups now taking responsibility for the attacks.
As mentioned, the Islamist group Izz ad-Din al-Qassam Cyber Fighters has publicly claimed responsibility for the attacks in what it called “Operation Ababil,” but researchers are not convinced of their claims. Another group took responsibility last week. Meanwhile, Sen. Joe Lieberman has voiced he believes the attacks are the responsibility not so much by a group, but a country. Specifically, he believes Iran is behind the attacks. “I don’t believe these were just hackers who were skilled enough to cause disruption of the websites,” he said.
I think this was done by Iran … and I believe it was a response to the increasingly strong economic sanctions that the United States and our European allies have put on Iranian financial institutions.
Finally, on Thursday, one cybersecurity firm that’s been following the attacks has now began expressing its own doubts about the connections between the Cyber Fighters and the bank attacks as well. The reason is that this group doesn’t believe Cyber Fighters would have the technology to used an advanced botnet that’s been traced to the attacks.