The FBI gave U.S. banking executives security clearance last month to share the details of investigations hitting online banking systems over the past year.
According to Reuters, the Federal Bureau of Investigation says that more cooperation between governmental agencies and the financial industry is necessary to combat cybercrime. In order to promote better understanding, the FBI gave banking executives clearance last month to brief them on the current cybercrime environment, so financial management could grasp "who is behind the keyboard."
Members of the financial industry were taken to over 40 FBI offices around the country to join a classified video conference, according to the FBI's Executive Assistant Director Richard McFeely. Many attacks aimed at online bank services were attributed to Iran, although McFeely did not comment on whether Iran was directly responsible for the attacks, or which banks participated at the conference.
The one-day clearances were part of a broader effort to inform victims of cybercrime, and the closed nature of the conference was meant to keep the media away — as well as limit the risk of exposure to investors.
McFeely says that the agency is changing its approach after being "terrible" in the past about keeping organizations and firms hit by hackers informed of progress in investigations. The FBI and Department of Homeland Security have also informed 129 other countries about 130,000 ISPs linked to cyberattacks aimed at banking services. However, it is important to note that many of these ISPs are virus-infected, and so the notifications are meant to help clean up the systems rather than prosecute.
Banks are an attractive target for hackers, not only due to valuable industry information that can be stolen, but for account details and the potential high financial gain.
Some of these attacks may also be political. In October, a group called Izz ad-Din al-Qassam Cyber Fighters took responsibility for taking down online banking services over film trailer "The Innocence of Muslims" hosted on YouTube, although Sen. Joe Lieberman placed the blame on Iran, citing "the increasingly strong economic sanctions that the United States and our European allies have put on Iranian financial institutions" as the cause.
The Bank of America, JPMorgan Chase, Wells Fargo, U.S. Bank and PNC Bank have all been hit with denial-of-service (DoS) attacks in the past year.
McFeely believes that enhanced communication is necessary to fight the issue, especially when those hit by attacks have often remained closed-mouthed about the problem. The FBI official says that the rarity of overseas arrests and failures in international talks are part of the issue, but interestingly, it may be that the U.S. plans to ramp up prosecution. McFeely indicated that "some indictments have been issued under seal and that arrests would follow," especially if suspected hackers travel outside their home countries.
"The first time we bring someone in from out of the country in handcuffs, that's going to be a big deal," McFeely told the publication.
Last week, the Department of Homeland Security said there is a heightened risk of cyberattacks on private U.S. companies that provide critical infrastructure services. However, it may be all about protection — the U.S. government may be deciding to fight fire with fire, as a recent report labeled the government the biggest buyer of malware.