Sep 21, 2012 No Comments ›› Pat Dollard
(NBC NEWS) National security officials told NBC News that the continuing cyber attacks this week that slowed the websites of JPMorgan Chase and Bank of America are being carried out by the government of Iran. One of those sources said the claim by hackers that the attacks were prompted by the online video mocking the Prophet Muhammad is just a cover story.
A group of purported hackers in the Middle East has claimed credit for problems at the websites of both banks, citing the online video mocking the founder of Islam. One security source called that statement “a cover” for the Iranian government’s operations. The attack is described by one source, a former U.S. official familiar with the attacks, as being “significant and ongoing” and looking to cause “functional and significant damage.” Also, one source suggested the attacks were in response to U.S. sanctions on Iranian banks.
The consumer banking website of Bank of America was unavailable to some customers on Tuesday, and JPMorgan Chase on Wednesday had the same problems, which multiple sources linked to a denial-of-service attack, in which a website is bogged down by a large number of requests. A Chase spokesman said Wednesday that the consumer site was intermittently unavailable to some customers, but did not acknowledge then that there was an attack. On Thursday, Chase said slowness continued but was resolved by late afternoon Eastern Time. Bank of America acknowledged on Tuesday that its site had experienced slowness, but would not say what caused it.
Senior U.S. officials acknowledge that Iranian attacks have been the subject of intense interest by U.S. intelligence for several weeks. Last week, the Joint Chiefs of Staff’s Intelligence Directorate, known as J-2, confirmed continuing Iranian cyber attacks against U.S. financial institutions in a report described as “highly classified.” The report was posted on internal classified U.S. government sites last Friday, September 14.
Because of the level of classification, the officials refused to provide or confirm any specifics on these attacks. However, one official noted that Iran’s uranium enrichment program had been the target of the STUXNET worm in 2010. The worm was reportedly developed by the U.S. and Israel. “The Iranians are very familiar with the environment,” quipped the official.
A conservative website, FreeBeacon.com, initially reported on the Pentagon analysis, quoting it as saying, “Iran’s cyber aggression should be viewed as a component, alongside efforts like support for terrorism, to the larger covert war Tehran is waging against the west.” U.S officials did not deny the FreeBeacon report when queried by NBC News.
A financial services industry group, the Financial Services Information Sharing and Analysis Center, warned U.S. banks, brokerages and insurers late Wednesday to be on heightened alert for cyber attacks. FS-ISAC also raised its raised the cyber threat level to “high” from “elevated” in an advisory to members, citing “recent credible intelligence regarding the potential” for cyber attacks as its reason for the move.
The former head of cyber-security for the White House testified Thursday that “we were waiting for something like this from Iran.” Frank Cilluffo, who served as Special Assistant to the President for Homeland Security under President George W. Bush, is currently an associate vice president at George Washington University and heads the Homeland Security Policy Institute. Cilluffo testified in a previously scheduled appearance before the U.S. House of Representatives’ Committee on Homeland Security, saying “the government of Iran and its terrorist proxies are serious concerns in the cyber context. What Iran may lack in capability, it makes up for in intent. They do not need highly sophisticated capabilities—just intent and cash—as there exists an arms bazaar of cyber weapons, allowing Iran to buy or rent the tools they need or seek.”