Banking sites crippled by Iran-sponsored DDoS, US officials claim

By on January 10, 2013, 4:30 PM

Iran is being blamed for a recent wave of cyberattacks, namely a series of Distributed Denial of Service attacks launched against major financial institutions. Affected financial institutions include, but may not be limited to, Bank of America, Chase, Citigroup, Wells Fargo, HSBC, Capital One, PNC, U.S. Bancorp, Fifth Third Bank and BB&T.

Although it is often very difficult to say with absolute certainty that a particular person, place or organization is responsible for such attacks, various officials and experts are convinced Iran is behind the attacks. A group who identifies itself as the Izz ad-Din al-Qassam Cyber Fighters has also claimed responsibility for the attacks, but intelligence officials suggest the group is most likely a cover for Iran.

"The scale, the scope and the effectiveness of these attacks have been unprecedented," said Carl Herberger, vice president of security solutions at Radware, a security firm that has been investigating the attacks on behalf of banks and cloud service providers. "There have never been this many financial institutions under this much duress."

Source: New York Times

Effective DDoS attacks result in major service interruptions, but such attacks do not necessarily constitute a breach in security -- accounts, data and financial information should remain safe. DDoS attacks are often carried out by enormous networks comprised of thousands of computers which concurrently target a particular network, eventually overwhelming the capacity of their servers.
 
Such attacks are typically performed without any sort of network or system intrusion, but even so, may still be very difficult to defend against without interrupting services for regular users. In this case, attackers have upped the sophistication of their DDoS operation by possibly hijacking data centers and flooding banking sites with intractable quantities of encryption requests. This has increased the efficiency with which attackers have been able to cripple their targets.
 
Some officials strongly believe Iran is retaliating against the recent revival of a highly sophisticated malware threat and tightening U.S. sanctions. The resurfaced malware, Stuxnet and Flame, were specifically designed to create problems across Iran's government systems. The U.S. and Israel are largely credited for the creation of these cleverly-written, troublemaking viruses.



User Comments: 12

Got something to say? Post a comment
ikesmasher said:

If I find my bank account drained tommorow, ill know who to blame then..

The banks who were robbed.

Vrmithrax Vrmithrax, TechSpot Paladin, said:

Great timing to coincide with Anonymous and their recent stand on legalities of DDoS... Heh

1 person liked this | davislane1 davislane1 said:

Iranian gov't wants money --> Iranian intelligence hits banking sites --> Iranian managers short financials just before DDoS --> U.S. media reports, acts surprised --> Market reacts --> Iran makes a quick buck.

Well, that's how it works if they're being smart about it.

Guest said:

"The U.S. and Iran are largely credited for the creation of these cleverly-written, troublemaking viruses." Do you mean The U.S. and Chuck Norris?;)

TypeR181 TypeR181 said:

"The U.S. and Iran are largely credited for the creation of these cleverly-written, troublemaking viruses." Do you mean The U.S. and Chuck Norris?

The US and ISRAEL dude Iran are the axis

1 person liked this | avoidz avoidz said:

Did they forget that time the world economy was crippled by the banks themselves?

Tygerstrike said:

Yes because Iran is going to cripple our banking system because of DDoS attacks. Really?! All they are doing is inconviencing the lazy ppl. So you cant do online banking, thats why they still have real ppl to talk and interact with. Normally they can be found at the bank itself......

IAMTHESTIG said:

All those banks are horrible, they abuse their customers in an effort to take more of their money. I wouldn't be upset if these banks lost lots of money from attacks like these. They have plenty of money to spare anyway.

Tygerstrike said:

@STIG

You do realize that the banks themselves wouldnt lose ANY money. It would only be the customers who lost any money. Most banks are FDIC insured so it would be an inconvience to the bank at best. If you feel that strongly about banks, keep your money under your matress.

IAMTHESTIG said:

I forgot that critical detail... that is rather unfortunate for their customers. And I only band with local banks now.

mailpup mailpup said:

FDIC insurance is for protection of customer's accounts in case the bank fails. Banks have to have other insurance to protect them against loss by other means such as theft. Such insurance is not provided by the FDIC.

Shadownova Shadownova said:

@STIG

If you feel that strongly about banks, keep your money under your matress.

It is a violation of federal law to have more than $10,000 cash on your person...

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.