U.S. officials say they’re certain that Iran has orchestrated the recent increase in cyberattacks against American banks. Over the past several months, numerous financial institutions have reported distributed denial of service (DDOS) attacks that make it difficult for customers to do business with the banks.
ABC’s Richard Davies reported, “Recent hits on dozens of online banking sites may be the work of government-backed hackers in Iran, according to US security officials. Since last September hackers have cause slowdowns and other disruptions to widely used banking sites. Citigroup, Wells Fargo, Capital One, HSBC and Bank of America are among the sites that were hit. Consumers who tried to use these sites have faced delays and even shutdowns.”
According to Nicole Perlroth and Quentin Hardy with The New York Times, “The skill required to carry out attacks on this scale has convinced United States government officials and security researchers that they are the work of Iran, most likely in retaliation for economic sanctions and online attacks by the United States. ‘There is no doubt within the U.S. government that Iran is behind these attacks,’ said James A. Lewis, a former official in the State and Commerce Departments and a computer security expert at the Center for Strategic and International Studies in Washington.”
The Mail Online noted, “A hacking group named Izz ad-Din al Qassam Cyber Fighters claimed responsibility for the attacks in an online message board, but the U.S. government says that group is simply a puppet organization run by the Iranian government.”
Computerworld’s Lucian Constantin added, “Evidence collected from a website that was recently used to flood U.S. banks with junk traffic suggests that the people behind the ongoing DDoS attack campaign against U.S. financial institutions — thought by some to be the work of Iran — are using botnets for hire. The compromised website contained a PHP-based backdoor script that was regularly instructed to send numerous HTTP and UDP (User Datagram Protocol) requests to the websites of several U.S. banks, including PNC Bank, HSBC and Fifth Third Bank, Ronen Atias, a security analyst at Web security services provider Incapsula, said Tuesday in a blog post.”