Iran behind bank cyberattacks, U.S. government officials say

Summary: A former government official says the U.S. believes Iran was behind a spate of cyberattacks on U.S. banks, despite claims from a hacking group that it was behind the attempted hacks.

U.S. government officials are reportedly pointing the finger at Iran for a spate of cyberattacks and hacking attempts on U.S. banks, according to a report by The New York Times.

A number of banks, including HSBC, Citigroup, and Bank of America, have in recent months suffered distributed denial-of-service (DDoS) attacks, which have crippled Web sites and made it nigh on impossible for banking users to access their online accounts. A group called "Izz ad-Din al-Qassam Cyber Fighters" claimed responsibility for the attacks, but no data was taken and customer funds remained intact.

According to a former U.S. official with the State and Commerce departments, it is believed that Tehran was actually behind the attacks.

"There is no doubt within the U.S. government that Iran is behind these attacks," said former U.S. official James A. Lewis, now a computer security expert at the Washington-based Center for Strategic and International Studies. 

U.S. intelligence officials say that Iran is waging the attacks in retaliation for Western economic sanctions, but also in the wake of the malware attacks thought to be state-sponsored -- including Flame, Duqu, and Stuxnet -- that hit Iranian nuclear facilities over the past couple of years.

The amount of data that flooded U.S. banks was "multiple times" the amount that Estonia suffered when it was cyber-attacked more than five years ago. It's understood that the attackers used data centers rather than individual computer-based botnets to attack the banks, and hijacked clouds rather than individual machines.

Exactly how the attackers are hijacking data centers "is still a mystery," the Times noted, but it warned that the hackers were using encrypted DDoS attacks, flooding servers with encryption requests rather than ordinary data, to slow down networks with fewer requests.

The entire state of Estonia was knocked offline for weeks after Russia pummelled the country with vast amounts of data in order to overload the country's systems back in 2007. Russia never openly or directly admitted to the attack, but many still believe the Russian government was behind the aggression.

The hackers said that they had no intention of stopping their attacks against U.S. banks, claiming "none of the U.S. banks will be safe." 

(via The New York Times)

Topics: Security, Banking, Networking

About

Zack Whittaker writes for ZDNet, CNET, and CBS News. He is based in New York City.
