By Joshua Ostrer
Cyber-attacks are making the news yet again, and this time, they’re focused on banks.
For a week, cyber-attacks plagued the websites of major American banks.
The banks included Wells Fargo, U.S. Bank, PNC Bank, Bank of America, and J.P. Morgan Chase.
At the start of the attacks, the identity of the attackers was completely unknown. However, since then, groups have claimed responsibility. One such group is the “Izz ad-Din al-Qassam Cyber Fighters,” which claims to be angry over the incendiary movie trailers for “Innocence of Muslims,” a movie negatively depicting Muhammad.
However, some analysts doubt the claim, as the attack contained an entirely new level of sophistication.
“Only a handful of companies around the world could survive a hit of 70 Gbps (Gigabytes per second) in conjunction with the complex blend of attack vectors we have witnessed,” said Prolexic Chief Executive Officer Scott Hammack.
The attack came in the form of a distributed denial-of-service (DDoS) attack.
A DDoS attack works by flooding a website with requests until the website’s server is overwhelmed and either loses functionality or is forced to shut down completely.
Basically, imagine thousands of people trying to get through the same door at once, and then trying to squeeze through yourself while they do it.
The attack, named itsoknoproblembro, immediately attracted the attention of Prolexic Technologies, “the global leader in DDoS protection services,” and its Security Engineering & Response Team (PLXsert). Even security companies were worried about itsoknoproblembro.
“The size and sophistication of this threat has created a high-alert within various industries and with good reason…I’m proud to say we’ve successfully mitigated multiple itsoknoproblembro campaigns throughout the year, even when attack vectors have continuously modulated during the course of the assault,” said Scott Hammack.
DDoS attacks also commonly use “spoofed” IP addresses. However, part of what made itsoknoproblembro so effective was that it had legitimate, non-spoofed IP addresses, enabling it to bypass protective mechanisms against “spoofed” IP addresses.
While the attacks didn’t directly affect funds or personal information of the banks or their customers, many customers were unable to check their bank information for a day or more.
Some analysts still believe the attack can lead to a loss in consumer confidence, which could greatly impact the affected banks going forward.
Some worry that the attack is a sign of further mayhem to come. “These are significant attacks…they should be considered a warning of the cyber cold war,” commented Lt. General Harry D. Raduege.
Raduege, who used to work for cyber divisions within the U.S., says that this attack can be classified at the “operational” level of cyber-warfare, where the goal is to disrupt infrastructure, causing a political uproar (which there most definitely has been).
Raduege ranks the attack below the “strategic” level, which includes destruction of infrastructure, citizens or financial institutions, and military confrontation.
Senator Joe Lieberman, chairman of the Senate Homeland Security Committee, believes the Iranian special forces are behind the attack.
“I don’t believe these were just random hackers. I think this was done by Iran and Quds Force, which has its own developing cyber-attack capability,” said Senator Lieberman.
Iran has a motive, after the Stuxnet virus, believed to have been developed by the United States, forced the shutdown of nuclear centrifuges at the Natanz nuclear facility in Iran in 2010. However, Iran has denied any involvement.
Just this Monday, the White House reported cyber-attacks on non-confidential servers, describing the rate of attacks as “not infrequent.”
Regardless of who’s really to blame, this situation isn’t over. With intrusive viruses and DDoS attacks constantly evolving, it looks like cyber-warfare still has a long way to go.