Experts unsure whether Iran is behind bank DDoS attacks
Sophistication of attacks points to possible state sponsor, but there's no proof yet, say security experts
Computerworld - Though U.S. officials blamed Iran for an ongoing stream of distributed denial of service attacks (DDoS) against major U.S. banks, security experts say there's not enough evidence yet to assign blame.
The security experts say that the attacks over the past few months appear to be very well planned and that the attackers have much knowledge of the weak spots in U.S. financial services networks, which could make them state sponsored.
Meanwhile, the ongoing attacks have reportedly prompted some banks to seek the help of the National Security Agency (NSA).
The Washington Post on Friday quoted an unnamed bank official as saying that banks are seeking NSA help due to a growing sophistication of DDoS attacks against them.
Earlier this week, the New York Times quoted a former official in the U.S State and Commerce Department as saying that there is "no doubt" within the U.S. government that Iran is behind the attacks.
A group calling itself "Izz ad-Din al-Qassam Cyber Fighters" has claimed responsibility for a series of DDoS attacks against several large U.S. banks including Wells Fargo, JP Morgan Chase, Bank of America and U.S. Bancorp.
The group claims to be based in Iran and says the attacks are in protest of YouTube's refusal to take down a trailer of the controversial anti-Islam movie that roiled much of the Middle East last year.
The DDoS attacks began last September and have shown no signs of abating.
If anything, the attacks have become more sophisticated and disruptive, said Scott Hammack, chief executive officer at Prolexic Technologies, a security firm that has been helping some of the largest U.S. banks fend off the attacks.
Unlike past DDoS attacks, the ongoing attacks are much more high-bandwidth and more frequent, Hammack said. For instance, Prolexic recently observed high-bandwidth attacks against two separate banks that were launched at the same time.
One of the attacks generated 75GBps of DDoS traffic while the other generated 45GBps. Such high-bandwidth attacks, which used to occur once or twice a year, have become almost routine, he said.
Unlike past DDoS attacks, in which attackers commanded hundreds of thousands of infected PCs to send streams of useless traffic to targeted systems, the latest ones involve thousands of comprised servers capable of generating far greater DDoS traffic, he said.
Whoever is behind the attacks also appears to be using so-called "push technology" to control the infected servers in real-time he said.
The technology allows attackers to turn on and turn off DDoS attacks and redirect DDoS streams at will, Hammack said. "They have a very good knowledge of what infrastructure to go after, particularly weak spots in the infrastructure," he said.
- New docs show DHS was more worried about critical infrastructure flaw in '07 than it let on
- Needed: Breach detection correction
- Evan Schuman: Resurrection of Full Disclosure mailing list is great news, if you're not a cyberthief
- Cyberattacks could paralyze U.S., former defense chief warns
- Syrian Electronic Army shanghais Microsoft's Twitter account, blog
- Is French outrage against U.S. spying misplaced?
- Lawmakers seek answers on Obamacare Data Hub security
- China-based hacking group behind hundreds of attacks on U.S. companies
- How to Prepare for a Potential Syrian Counterattack on the U.S. Power Grid
- New York Times site outage caused by attack on domain registrar, company says
Flashback to the late 1960s, when this pilot fish has just gotten a job in a bank's data processing department -- and one day his new boss tells him to grab a disk pack and run for a cab.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- The Big Data Opportunity for HR and Finance
- If CEOs, CFOs, CIOs, and CHROs want to drive their businesses forward, they will need to quickly recognize the enormous value of big...
- Real-Time Application-Centric Operations Visibility with NetScout's Approach to Service Delivery Management
- This ENTERPRISE MANAGEMENT ASSOCIATES whitepaper examines the move towards application/service performance visibility within IT operations
- Enabling Unified Service Delivery Management With the nGeniusONE Platform
- Today's IT organizations manage diverse business services comprising a host of applications running on many server farms within the data center.
- Ebook: Big Data Analytics For Dummies
- Big Data Analytics for Dummies is a valuable resource that addresses the practical dilemmas surrounding Big Data analytics and provides a step-by-step approach...
- A Guide To Preparing Your Data in Tableau
- Read "A Guide to Preparing Your Data for Tableau" and see how you can: Blend disparate data sources, then cleanse and enrich the... All Financial IT White Papers
- PST Archiving: What is it and How is it Done? Learn more about what PST data is, the risks relating to it, and how the new PST Archiving feature in the Simpana 10...
- HP DevOps KnowledgeVault This interactive resource focuses on the evolution taking place in the world of software development, specifically the Agile development framework, and the gap...
- Introducing Cloud-Based Disaster Recovery From VMware Cost-effectively protect your business applications in the case of a local disaster or disruptive event. VMware is excited to introduce vCloud Hybrid Service...
- Vblock™ Specialized System for SAP HANA® Deploy SAP HANA® fast and with low risk. VCE brings together all of the necessary components for SAP HANA® into a single, standardized...
- Why do you need an enterprise mobile platform? Today companies must offer great apps that run on a range of devices, and connect to an exploding set of backend data. Appcelerator...
- All Financial IT Webcasts
Computerworld has launched its annual search for outstanding IT leaders who align technology with business goals. Nominate a top IT executive for the 2015 Premier 100 IT Leaders awards now through July 18.