.

Wednesday, January 09, 2013

Iran Behind Hacking of American Banks

Guest post by Challah Hu Akbar, aka CHA or Challah

***

CHALLAH @ New York Times
The attackers hit one American bank after the next. As in so many previous attacks, dozens of online banking sites slowed, hiccupped or ground to a halt before recovering several minutes later. 
But there was something disturbingly different about the wave of online attacks on American banks in recent weeks. Security researchers say that instead of exploiting individual computers, the attackers engineered networks of computers in data centers, transforming the online equivalent of a few yapping Chihuahuas into a pack of fire-breathing Godzillas. The skill required to carry out attacks on this scale has convinced United States government officials and security researchers that they are the work of Iran, most likely in retaliation for economic sanctions and online attacks by the United States.  
“There is no doubt within the U.S. government that Iran is behind these attacks,” said James A. Lewis, a former official in the State and Commerce Departments and a computer security expert at the Center for Strategic and International Studies in Washington. 
...Since September, intruders have caused major disruptions to the online banking sites of Bank of America, Citigroup, Wells Fargo, U.S. Bancorp, PNC, Capital One, Fifth Third Bank, BB&T and HSBC. They employed DDoS attacks, or distributed denial of service attacks, named because hackers deny customers service by directing large volumes of traffic to a site until it collapses. No bank accounts were breached and no customers’ money was taken.  
By using data centers, the attackers are simply keeping up with the times. Companies and consumers are increasingly conducting their business over large-scale “clouds” of hundreds, even thousands, of networked computer servers 
...A hacker group calling itself Izz ad-Din al-Qassam Cyber Fighters has claimed in online posts that it was responsible for the attacks. 
...But American intelligence officials say the group is actually a cover for Iran. They claim Iran is waging the attacks in retaliation for Western economic sanctions and for a series of cyberattacks on its own systems.