US claims online bank hacking work of Iran

INT

There was something disturbingly different about the wave of online attacks on American banks in recent weeks. Security researchers say that instead of exploiting individual computers, the attackers engineered networks of computers in data centers.

Since September, intruders have caused major disruptions to the online banking sites of Bank of America, Citigroup, Wells Fargo, US Bancorp, PNC and others.

The skill needed to carry out attacks on this scale has convinced the US government officials and security researchers that they are the work of Iran, most likely in retaliation for economic sanctions and online attacks by the US. "There is no doubt within the US government that Iran is behind these attacks," said James A Lewis, a former official in the State and Commerce Departments and a computer security expert at the Center for Strategic and International Studies. American officials have not offered any technical evidence to back up their claims. Also, the hackers chose to pursue disruption, not money: another earmark of state-sponsored attacks, the security experts said.

"The scale, the scope and the effectiveness of these attacks have been unprecedented," said Carl Herberger, vice president of security solutions at Radware, a security firm investigating the attacks.

A hacker group — Izz ad-Din al-Qassam Cyber Fighters — claimed responsibility in online for the attacks in online posts. But US intelligence officials say the group is actually a cover for Iran.

Researchers at Radware discovered that various cloud services and public Web hosting services had been infected with a particularly sophisticated form of malware, called Itsoknoproblembro, that was designed to evade detection by antivirus programs.

The malware has existed for years, but the banking attacks were the first time it used data centers to attack external victims.

Please read our terms of use before posting comments
TERMS OF USE: The views, opinions and comments posted are your, and are not endorsed by this website. You shall be solely responsible for the comment posted here. The website reserves the right to delete, reject, or otherwise remove any views, opinions and comments posted or part thereof. You shall ensure that the comment is not inflammatory, abusive, derogatory, defamatory &/or obscene, or contain pornographic matter and/or does not constitute hate mail, or violate privacy of any person (s) or breach confidentiality or otherwise is illegal, immoral or contrary to public policy. Nor should it contain anything infringing copyright &/or intellectual property rights of any person(s).
comments powered by Disqus