Sunday, January 6, 2013

Iran Launches More Cyber-Attacks Against U.S. Financial Institutions

Iran is continuing aggressive cyber attacks against U.S. financial institutions and officials say the U.S. government has failed to take steps to halt the electronic strikes.

The sophisticated denial-of-service cyber attacks have been underway for several months and involve Iranian-origin hackers who flood banking and financial institution web sites with massive log-in attempts that disrupt or halt remote banking services.

“The are going after the same types of sites,” said an intelligence official familiar with reports of the attacks.

... Yet the White House is in charge of directing any counterattacks on nation-states and so far has refused to authorize aggressive action, such as retaliatory counter cyber attacks.

The intelligence official suggested that the administration is reluctant to take action because of the president’s conciliatory policies toward Iran. President Barack Obama failed to back Iran’s democratic opposition in 2009 and has taken limited diplomatic action against Iran’s illicit nuclear program.

... The hackers called the attacks Operation Ababil and stepped up their efforts last week, prompting PNC Bank to warn customers about the disruptions.

... Cyber security analysts said an Iranian group called the Izz ad-Din al-Qassam Cyber Fighters carried out the attacks.

On the hacker forum pastebin.com, the group said in a statement posted Dec. 25 that a “second phase” of their attacks were underway over the past several weeks.

The group said it has targeted JPMorgan Chase & Co., Bank of America Corp, Citigroup Citibank, Wells Fargo & Company, U.S. Bancorp, PNC Financial Services Group, BB&T Corporation, SunTrust Banks, and Regions Financial Corporation.

One cyber forensic specialist, who spoke on condition of anonymity, said the al-Qassam Cyber Fighters claim to be a group of private hackers but their activities appear state-sponsored.

“Except for their statements they have no presence and it feels much more like a state-sponsored action,” meaning backed by the Tehran regime, the specialist said.

Iranian officials have been quoted in state-run press accounts as promising to conduct cyber attacks against the United States and other western states in retaliation for cyber attacks against Iran’s nuclear program.

...Ten major U.S. banks were hit by the cyber attacks in September during the first wave of attacks.

Around the time the attacks were detected, the Pentagon’s Joint Chiefs of Staff stated in a report that the cyber strikes on financial institutions were Iranian-backed aggression.

“Iran’s cyber aggression should be viewed as a component, alongside efforts like support for terrorism, to the larger covert war Tehran is waging against the west,” the report, dated Sept. 14, stated.

No comments:

Post a Comment

Weekend Reading -- A New Weekend Knowledge Dump

Greg Ellifritz has posted a new Weekend Knowledge Dump at his Active Response Training blog . Before I discuss some of his links, I want to ...