Jan 6, 2013 Comments Off Infidel
Excerpted from Washington Free Beacon: Iran is continuing aggressive cyber attacks against U.S. financial institutions and officials say the U.S. government has failed to take steps to halt the electronic strikes.
The sophisticated denial-of-service cyber attacks have been underway for several months and involve Iranian-origin hackers who flood banking and financial institution web sites with massive log-in attempts that disrupt or halt remote banking services.
“The are going after the same types of sites,” said an intelligence official familiar with reports of the attacks.
The official criticized the Obama administration for failing to protect American corporations from what the official said were state-sponsored cyber attacks.
Critics in government and the private sector say the U.S. government remains unprepared to respond to such coordinated covert cyber attacks.
Several government agencies, including the military’s U.S. Cyber Command, U.S. intelligence agencies, the Department of Homeland Security, and the FBI are responsible for dealing with cyber attacks. Yet the White House is in charge of directing any counterattacks on nation-states and so far has refused to authorize aggressive action, such as retaliatory counter cyber attacks.
The intelligence official suggested that the administration is reluctant to take action because of the president’s conciliatory policies toward Iran. President Barack Obama failed to back Iran’s democratic opposition in 2009 and has taken limited diplomatic action against Iran’s illicit nuclear program.
The administration appears to be treating the Iranian cyber attacks as a law enforcement matter rather than covert warfare.
White House National Security Council spokesman Tommy Vietor declined to comment when asked why the administration has failed to respond to the attacks.
FBI spokeswoman Jennifer Shearer also declined to comment on what she said were “ongoing matters.”
The hackers called the attacks Operation Ababil and stepped up their efforts last week, prompting PNC Bank to warn customers about the disruptions.
PNC Bank disclosed in a statement Jan. 3 that a number of U.S. banks, including PNC, were dealing with “unusually high volume of traffic at their Internet connections.”
“This volume of traffic is consistent with threatened cyber attacks on the U.S. banking system and is designed to cause access delays for legitimate Internet customers,” the bank said.
The bank said some customers have been unable to conduct business remotely as a result of security efforts to mitigate the attacks.
The bank sought to assure customers that the website is protected by “sophisticated encryption strategies” that protects data and accounts.
“While this situation is an access issue and not an issue of account security, it is always important to remember to protect yourself by not sharing personal or financial information on any non-secure sites,” the bank stated.
Cyber security analysts said an Iranian group called the Izz ad-Din al-Qassam Cyber Fighters carried out the attacks.
On the hacker forum pastebin.com, the group said in a statement posted Dec. 25 that a “second phase” of their attacks were underway over the past several weeks.
The group said it has targeted JPMorgan Chase & Co., Bank of America Corp, Citigroup Citibank, Wells Fargo & Company, U.S. Bancorp, PNC Financial Services Group, BB&T Corporation, SunTrust Banks, and Regions Financial Corporation.
One cyber forensic specialist, who spoke on condition of anonymity, said the al-Qassam Cyber Fighters claim to be a group of private hackers but their activities appear state-sponsored.
“Except for their statements they have no presence and it feels much more like a state-sponsored action,” meaning backed by the Tehran regime, the specialist said.