U.S. banks hit by more than a week of cyberattacks
U.S. banks have been buffeted by more than a week of powerful cyberattacks, but the mystery surrounding their perpetrators lingers.
One expert said Friday that he was suspicious of claims of responsibility purportedly made by Islamists angry at an anti-Muslim movie made in the United States, explaining that the widely-circulated Internet postings might have been an attempt to deflect attention from the true culprit.
"In the intelligence world, we call that a 'false flag,'" said Mike Smith, whose Web security company Akamai has helped analyze some of the attacks.
The postings, published to the Web earlier this month, suggested that an obscure Islamist group had taken revenge on American financial institutions for the "Innocence of Muslims," a low-budget U.S. film that ridiculed Muhammad, revered by Muslims as the last of God's prophets.
Since then at least half a dozen banks - including the Bank of America, JPMorgan Chase, and Citigroup - have witnessed traffic surges and disruptions. Not all have confirmed they were the victims of an online onslaught, but such surges are a hallmark of denial-of-service attacks, which work by drowning target websites with streams of junk data.
Such attacks are fairly common and generally don't compromise sensitive data or do any lasting damage. Still, they can be a huge headache for companies that rely on their websites to interact with customers.
Most say the recent spate of attacks has been unusually powerful. PNC bank, which was hit on Thursday, has never seen such a strong surge in traffic, spokesman Fred Solomon said in a telephone interview. Smith said he estimated the flow of data at 60 to 65 gigabits per second.
Smith said the profile and power of the attack made it an unlikely fit for the religious youth that the Internet postings called upon to join in the anti-U.S. campaign. He explained that politically-motivated hackers - often called hacktivists - usually flood the Web with appeals for support and post links to software that can turn followers' personal computers into crude cyberweapons.
Twitter and online chat rooms then explode with activity, as casual supporters pile in to coordinate attacks.
"You're not seeing that with this particular set of attacks," Smith said. "At the same time ... the attack traffic is fairly homogeneous. It's not this wide cornucopia of attacks that's coming at you that you see with a hacktivist attack."
So who is behind the campaign?
Cybercriminals often use denial-of-service attacks to shake down smaller websites, but major U.S. banks make unlikely targets for a protection racket.
Could a state actor be at play? U.S. Senator Joe Lieberman, without offering any proof, said he believed the assaults were carried out by Iran in retaliation for tightened economic sanctions imposed by the United States and its allies.
Smith demurred when asked who could be behind the campaign, although he said there were "only a handful of groups out there that have the technical ability or incentive" to carry it out.
In any case, the online attacks appeared to be easing. Solomon, the PNC bank spokesman, said while traffic remained heavy Friday the flow was gradually returning to normal.
Doug Johnson, with the American Bankers Association, echoed that assessment.
"I believe it's tapering off," he said.
One expert said Friday that he was suspicious of claims of responsibility purportedly made by Islamists angry at an anti-Muslim movie made in the United States, explaining that the widely-circulated Internet postings might have been an attempt to deflect attention from the true culprit.
"In the intelligence world, we call that a 'false flag,'" said Mike Smith, whose Web security company Akamai has helped analyze some of the attacks.
The postings, published to the Web earlier this month, suggested that an obscure Islamist group had taken revenge on American financial institutions for the "Innocence of Muslims," a low-budget U.S. film that ridiculed Muhammad, revered by Muslims as the last of God's prophets.
Since then at least half a dozen banks - including the Bank of America, JPMorgan Chase, and Citigroup - have witnessed traffic surges and disruptions. Not all have confirmed they were the victims of an online onslaught, but such surges are a hallmark of denial-of-service attacks, which work by drowning target websites with streams of junk data.
Such attacks are fairly common and generally don't compromise sensitive data or do any lasting damage. Still, they can be a huge headache for companies that rely on their websites to interact with customers.
Most say the recent spate of attacks has been unusually powerful. PNC bank, which was hit on Thursday, has never seen such a strong surge in traffic, spokesman Fred Solomon said in a telephone interview. Smith said he estimated the flow of data at 60 to 65 gigabits per second.
Smith said the profile and power of the attack made it an unlikely fit for the religious youth that the Internet postings called upon to join in the anti-U.S. campaign. He explained that politically-motivated hackers - often called hacktivists - usually flood the Web with appeals for support and post links to software that can turn followers' personal computers into crude cyberweapons.
Twitter and online chat rooms then explode with activity, as casual supporters pile in to coordinate attacks.
"You're not seeing that with this particular set of attacks," Smith said. "At the same time ... the attack traffic is fairly homogeneous. It's not this wide cornucopia of attacks that's coming at you that you see with a hacktivist attack."
So who is behind the campaign?
Cybercriminals often use denial-of-service attacks to shake down smaller websites, but major U.S. banks make unlikely targets for a protection racket.
Could a state actor be at play? U.S. Senator Joe Lieberman, without offering any proof, said he believed the assaults were carried out by Iran in retaliation for tightened economic sanctions imposed by the United States and its allies.
Smith demurred when asked who could be behind the campaign, although he said there were "only a handful of groups out there that have the technical ability or incentive" to carry it out.
In any case, the online attacks appeared to be easing. Solomon, the PNC bank spokesman, said while traffic remained heavy Friday the flow was gradually returning to normal.
Doug Johnson, with the American Bankers Association, echoed that assessment.
"I believe it's tapering off," he said.
This is China.
Â
I had 25,000 attacks Friday alone from a single APNIC IP. no information from the IP (not uncommon for Chinese IPs).
Â
In total APNIC IPs attacked just my email server 145,000+ times from 10 IP addresses. Â All APNIC, all from China. Even with my outer firewall, they got to me email server. Not sure still was the vulnerability was, but a restart of the firewall stopped them.
Â
These were manual attacks. You could tell by the nature and time (automated attacks all happen within a second or a minute these took hours). This means there was at LEASTÂ 2 and possibly as many as 10 people attacking just my little email server.
Â
And I don't even run a bank.
Â
So these banks had good online customer services before??
ha ha ha ha
Â
@cptmac11    These banks all go to the smae Security seminars why were they attacked at all.. no responsibility.. And to add to it all the Gov is requiring all gov checks be auto deposited. There is incentive for fraud and digitally electronic  theft. No repsonsiblity our elected elite need to hammer those in charge.. They have huge IT dept's.. And are trying every thing they can to punish clients that don't online bank.. Really.. back to paper i'd be happier at least I can keep a copy of the check before it is depositied and once I do that they can't really stop payment easily.. If they don't want to pay next year they just don't issue.. And you end up NSF.. for those checks you wrote.. Go figure..
why they are paid so much for so little..
Â
Sorry about the typos..