Iran is again in the spotlight, this time for a series of cyber-attacks against US banks. Initially the attacks were thought to be the work of a fringe hacker group, but now some US government officials believe they were orchestrated by Iran.
Over the past few months, the attacks hit big-name banks such as Wells Fargo & Company (NYSE:WFC), American International Group, Inc. (NYSE:AIG), Citigroup Inc. (NYSE:C), HSBC Holdings plc (NYSE:HBC) (LON:HSBA), Bank of America Corp (NYSE:BAC), and JPMorgan Chase & Co. (NYSE:JPM). Although customer accounts were not compromised, the attacks caused system outages and prevented customers from accessing their accounts.
According to a report in the New York Times, some US government officials suspect the attacks to be the work of Iran, and not fringe hacking group “cyber fighters of Izz ad-din Al qassam,” who initially claimed responsibility.
"There is no doubt within the U.S. government that Iran is behind these attacks," James A. Lewis, a former official in the State and Commerce departments and a computer security expert at the Center for Strategic and International Studies in Washington told the NY Times.
The various banks were hit with DDOS (distributed denial-of-service) attacks. This involves flooding the target website with artificial traffic that consumes website bandwidth and prevents the site from functioning properly.
Although no official evidence have been offered to back up the claims that Iran conducted the attacks, computer security experts believe the recent attacks show a level of sophistication beyond that of amateur hackers.
“The scale, the scope and the effectiveness of these attacks have been unprecedented,” said Carl Herberger, vice president of security solutions at Radware, a security firm investigating the attacks on behalf of banks and cloud service providers.
“There have never been this many financial institutions under this much duress.”
A number of cyber-attacks have hit Iran in recent years, including the three sophisticated computer viruses; Flame; Duqu; and Stuxnet. The NY Times reported last year that the US, along with Israel, were responsible for Stuxnet – a virus which destroyed centrifuges in an Iranian nuclear facility in 2010.
James Lewis, computer security expert at the Center for Strategic and International Studies in Washington, called the on-going cyber war “a grudge match.”