Experts unsure whether Iran is behind bank DDoS attacks
Defending against the attacks has been challenging because the servers used to launch them "are being told what to do in real-time," he said. However, the line of attack also "leaves the attackers completely exposed," which is how the U.S. government appears to know who is behind the attacks, he added.
"The attackers have been very brazen. This is being done by someone who doesn't really care about their identify being tracked," Hammack said.
He declined to speculate on the identity fo the attackers.
Retired Rear Admiral Mike Brown, vice president of RSA's federal business group, said there is currently no evidence that the attacks are state sponsored.
"But that can't be counted out of the realm of possibility given the pressure Iran is under from the U.S. and the international community," Brown said. "At the very least, Izz ad-Din al-Qassam appears to be a hacktivist group that is motivated by a nationalist agenda."
He also wouldn't speculate on the identity of the hackers.
Generally, nation states with a serious interest in cyber espionage and cyberwarfare usually employ substantial resources to develop custom malware and exploits for such attacks, he said.
Gartner analyst Avivah Litan noted that U.S. banking regulators such as the Office of the Comptroller of Currency (OCC) have pointed to multiple groups as potential attackers.
"Some are politically motivated and others are financially motivated," Litan said. "Most important, the DDoS attacks have in fact led to or been associated with fraud and customer account takeover," she said.
Regardless of who is behind the attacks, banks need to take them seriously, Litan said.
"They must revisit their network configurations and re-architect them in order to minimize the damage," she said. "For example, they should distribute and decentralize their DNS and Web application servers as much as possible, and set various parameters to deflect the damage that a DDoS attack can do."
The banks must also strengthen backup processes and organizational support to deal with the fallout from such attacks, Litan said. "Banks must deploy layered security and fraud prevention, as outlined in FFIEC guidance to mitigate financial damage from these attacks," she added.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.
- Evan Schuman: Resurrection of Full Disclosure mailing list is great news, if you're not a cyberthief
- Cyberattacks could paralyze U.S., former defense chief warns
- Syrian Electronic Army shanghais Microsoft's Twitter account, blog
- Is French outrage against U.S. spying misplaced?
- Lawmakers seek answers on Obamacare Data Hub security
- China-based hacking group behind hundreds of attacks on U.S. companies
- How to Prepare for a Potential Syrian Counterattack on the U.S. Power Grid
- New York Times site outage caused by attack on domain registrar, company says
- Cyber drills like Quantum Dawn 2 vital to security in financial sector
- Quantum Dawn 2 will test Wall Street's cyber readiness
Read more about Security in Computerworld's Security Topic Center.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts