US banks hit by more than a week of cyberattacks (Update)

Sep 28, 2012 by Raphael Satter

U.S. banks have been buffeted by more than a week of powerful cyberattacks, but the mystery surrounding their perpetrators lingers.

One expert said Friday that he was suspicious of claims of responsibility purportedly made by Islamists angry at an anti-Muslim movie made in the United States, explaining that the widely-circulated Internet postings might have been an attempt to deflect attention from the true culprit.

"In the intelligence world, we call that a 'false flag,'" said Mike Smith, whose Web security company Akamai has helped analyze some of the attacks.

The postings, published to the Web earlier this month, suggested that an obscure Islamist group had taken revenge on American financial institutions for the "Innocence of Muslims," a low-budget U.S. film that ridiculed Muhammad, revered by Muslims as the last of God's prophets.

Since then at least half a dozen banks—including the Bank of America, JPMorgan Chase, and Citigroup—have witnessed traffic surges and disruptions. Not all have confirmed they were the victims of an online onslaught, but such surges are a hallmark of denial-of-service attacks, which work by drowning target websites with streams of junk data.

Such attacks are fairly common and generally don't compromise sensitive data or do any lasting damage. Still, they can be a huge headache for companies that rely on their websites to interact with customers.

Most say the recent spate of attacks has been unusually powerful. PNC bank, which was hit on Thursday, has never seen such a strong surge in traffic, spokesman Fred Solomon said in a telephone interview. Smith said he estimated the flow of data at 60 to 65 gigabits per second.

Smith said the profile and power of the attack made it an unlikely fit for the religious youth that the Internet postings called upon to join in the anti-U.S. campaign. He explained that politically-motivated hackers—often called hacktivists—usually flood the Web with appeals for support and post links to software that can turn followers' personal computers into crude cyberweapons.

Twitter and online chat rooms then explode with activity, as casual supporters pile in to coordinate attacks.

"You're not seeing that with this particular set of attacks," Smith said. "At the same time ... the attack traffic is fairly homogeneous. It's not this wide cornucopia of attacks that's coming at you that you see with a hacktivist attack."

So who is behind the campaign?

Cybercriminals often use denial-of-service attacks to shake down smaller websites, but major U.S. banks make unlikely targets for a protection racket.

Could a state actor be at play? U.S. Senator Joe Lieberman, without offering any proof, said he believed the assaults were carried out by Iran in retaliation for tightened economic sanctions imposed by the United States and its allies.

Smith demurred when asked who could be behind the campaign, although he said there were "only a handful of groups out there that have the technical ability or incentive" to carry it out.

In any case, the online attacks appeared to be easing. Solomon, the PNC bank spokesman, said while traffic remained heavy Friday the flow was gradually returning to normal.

Doug Johnson, with the American Bankers Association, echoed that assessment.

"I believe it's tapering off," he said.

Explore further: Is it too late to protect privacy? Pessimism reigns over big data and the law

3.8 /5 (5 votes)
add to favorites email to friend print save as pdf

Related Stories

Islamist group warns of new cyber attacks on US banks

Sep 25, 2012

An Islamist group on Tuesday said it will carry out new cyber attacks on US banking targets, according to SITE Intelligence Group, following similar attacks last week in response to an anti-Islam film.

WikiLeaks: Our site's been hit by weeklong attack

Aug 12, 2012

(AP) — The secret-busting organization WikiLeaks says it's been the victim of a sustained denial-of-service attack which has left its website sluggish or inaccessible for more than a week.

Hackers attack Brazil's largest state-run bank

Feb 01, 2012

(AP) -- A group of Internet hackers said Wednesday it took down the website of the Banco do Brasil, Brazil's largest state-run bank. It's the third such attack against financial institutions in a week.

NYSE site hobbled by outages, firm reports

Oct 11, 2011

(AP) -- The New York Stock Exchange's website was apparently hobbled twice Monday, possibly the result of computer attacks as part of the anti-Wall Street protests, according to a company that monitors website response times.

Tech 101: How a denial-of-service attack works

Jul 08, 2009

(AP) -- Investigators are piecing together details about one of the most aggressive computer attacks in recent memory - a powerful "denial-of-service" assault that overwhelmed computers at U.S. and South Korean ...

Recommended for you

Facebook dressed down over 'real names' policy

4 hours ago

Facebook says it temporarily restored hundreds of deleted profiles of self-described drag queens and others, but declined to change a policy requiring account holders to use their real names rather than drag names such as ...

Yelp to pay US fine for child privacy violation

11 hours ago

Online ratings operator Yelp agreed to pay $450,000 to settle US charges that it illegally collected data on children, in violation of privacy laws, officials said Wednesday.

A Closer Look: Your (online) life after death

Sep 16, 2014

Sure, you have a lot to do today—laundry, bills, dinner—but it's never too early to start planning for your digital afterlife, the fate of your numerous online accounts once you shed this mortal coil.

Web filter lifts block on gay sites

Sep 16, 2014

A popular online safe-search filter is ending its practice of blocking links to mainstream gay and lesbian advocacy groups for users hoping to avoid obscene sites.

User comments : 11

Adjust slider to filter visible comments by rank

Display comments: newest first

Mike_Syzygy
2.7 / 5 (7) Sep 28, 2012
Um, listing WHICH banks were under attack would have imparted interesting information...
TheGhostofOtto1923
2.6 / 5 (9) Sep 28, 2012
Um, listing WHICH banks were under attack would have imparted interesting information...
Or if you really want to know instead of whining, which is also fun, you could have googled it. The list is obviously changing and if you are concerned you ought to check the latest news yes?
Caliban
4.6 / 5 (9) Sep 28, 2012
The utter incompetence embodied in this atatement is mind-boggling:

"Responsibility for online attacks is notoriously difficult to prove, but speculation has focused on an Internet posting suggesting that Islamists were taking revenge for an anti-Muslim film which has sparked violent protests across the Middle East."


A vague, entirely unattributed statement(without link, quote, or even a SUMMARY of its content) that is supposed to imply some sort of causality --or at the very least, complicity?

I don't mean to be an apologist for this activity vis a vis the banks, but I am annoyed at this fundamental breakdown in the basics of good reporting...now I gotta go look for the exact details if I want to assess the usefulness of this story..

What you read above is the equivalent of mere rumor-- but many ignorant, thoughtless dipshits will be all too happy to say that it IS, INDEED, FACT.

Information wants to be free, yes --but it appears that bullshit got there first.


Meyer
4.3 / 5 (4) Sep 28, 2012
Um, listing WHICH banks were under attack would have imparted interesting information...
Or if you really want to know instead of whining, which is also fun, you could have googled it. The list is obviously changing and if you are concerned you ought to check the latest news yes?

Or the author could have googled it and written 6 whole sentences before sending it out for syndication.
defactoseven
3 / 5 (4) Sep 28, 2012
I don't have the time to google the articles but it's been in the news for several days. First a self proclaimed Islamic jihadist hacking group claimed they were going to do this in retaliation for the usual tripe. They named the banks in order starting with Bank of America the first day, Wells Fargo the second, Chase third and anything today would be the 4th... The biggies anyway. Whether they are what they say or not is up for grabs no matter what is reported.
cantdrive85
3.2 / 5 (6) Sep 29, 2012
I smell an MF Global moment, can you say false-flag cyber attack. Just blame it on the Iranians and you not only have another motive for war, but also an avenue to declare a banking holiday where your money will go on "holiday".
http://occupycorp...unt-now/
TheGhostofOtto1923
1 / 5 (4) Sep 29, 2012
Um, listing WHICH banks were under attack would have imparted interesting information...
Or if you really want to know instead of whining, which is also fun, you could have googled it. The list is obviously changing and if you are concerned you ought to check the latest news yes?

Or the author could have googled it and written 6 whole sentences before sending it out for syndication.
No, 7 sentences. 'As this AP news release is dated and these attacks are ongoing, you ought to check the latest news and contact your own bank if you are concerned.' Something like that. Physorg rarely writes its own stuff or alters press releases. Liability issues you see.
Meyer
5 / 5 (1) Sep 29, 2012
Or the author could have googled it and written 6 whole sentences before sending it out for syndication.
No, 7 sentences. 'As this AP news release is dated and these attacks are ongoing, you ought to check the latest news and contact your own bank if you are concerned.' Something like that. Physorg rarely writes its own stuff or alters press releases. Liability issues you see.

Now they have changed and expanded the story considerably, so I guess the point is moot.
TheGhostofOtto1923
1 / 5 (3) Sep 29, 2012
Or the author could have googled it and written 6 whole sentences before sending it out for syndication.
No, 7 sentences. 'As this AP news release is dated and these attacks are ongoing, you ought to check the latest news and contact your own bank if you are concerned.' Something like that. Physorg rarely writes its own stuff or alters press releases. Liability issues you see.

Now they have changed and expanded the story considerably, so I guess the point is moot.
No its not. Another bank JUST got attacked - was it yours? Better go check.
Meyer
5 / 5 (1) Sep 29, 2012
Now they have changed and expanded the story considerably, so I guess the point is moot.
No its not. Another bank JUST got attacked - was it yours? Better go check.

The point about the AP syndicating a vacuous five-sentence article is moot. At least it looks like a real article now. Obviously one wouldn't expect an article to be continuously updated with every new development (although it might as well be, if they are already going to distribute placeholders to be filled in with content later).
cantdrive85
3 / 5 (2) Sep 29, 2012
I would like to point out my speculations about both the false-flag and Iran were made before the article was updated. However, this is not being done by the Iranians, there is no benefit or motive. I would speculate these are in fact being done by the rogue nation that has been pounding the war drums for quite some time now, and would be the ONLY country to benefit from such a tragedy. This is the M.O. of the real terroristic nation of the region, and there is a long list of actions such as The King David Massacre to the USS Liberty to the Beirut Marine barracks bombing to the murder of Iranian scientists and various diplomats around the world. MF Global was a direct theft of funds from commodities speculators who were largely betting against the stability of the monetary system (gold and silver), it was a $4 billion dollar operation to set the precedent for what will be a much larger theft from the naive gentiles only to be blamed on Iran and "Al-CIAda".