By using sophisticated and diverse tools that point to a carefully coordinated campaign, the hackers behind the cyber attacks on major US banks have repeatedly disrupted online banking according to security researchers. The hackers believed to be activists in the Middle East were it is highly knowledgeable about the defensive equipment used by the banks and likely spent months on reconnaissance.
Customers of top US banks including Bank of America Corp, JP Morgan Chase and Co. Wells Fargo & Co. in the past two weeks, the US Bancorp and PNC Financial Services have reported having trouble accessing their websites as unusually high traffic volumes appeared to crash or slow and customer irritation as the biggest costs. The researchers stated that the hackers used groups of compromised computers, known as botnets which are inexpensive to rent for short periods. What made these bot nets much more powerful was that they were made up of web services that has been taken over instead of mere personal computers.
Tom Kellermann the vice president of major security vendor Trend Micro says that “Tens of Thousand” servers are involved. The FBI declined to comment on its investigation of the attacks, the banks either declined to comment or noted that most customers have been able to log into their accounts. Doug Johnson, vice president of the American Bankers Association trade Group said that it’s fairly large, but its something financial institutions are accustomed to dealing with.
The sources that are familiar with the bank attacks have previously told Reuters that they could be part of a year-long cyber campaign waged by Iranian hackers against major US financial institutions and other corporate entities. Senator Joseph Lieberman, chairman of the Senate’s Homeland Security and Governmental Affairs Committee has also blamed Iran’s much improved cyber forces on the bank website outages. A group that calls itself the Cyber Fighters of Izz ad-din Al Qassam has claimed credit for the recent bank attacks , declaring them a protest against the anti-Islam video posted on Youtube and stocked violent protests across the Muslim world. The latest attacks against the banks have thrown as many as 30 million electronic packets per second at the websites, at times overwhelming both the banks and the additional technical resources being moved into place to counter the attacks. Prolexic’s clients include several of the largest banks, though Hammack declined the name which ones.
The experts stated that the high-high volumes denial of service attacks were becoming more common even before the latest bank assaults and would continues to increase in sophistication as well. Dan Holden, the director of research at security firm Arbor Networks said that the entire episode speaks to the need for banks or any of the business operating online to be prepapred for the type of availability attack.
REFERENCES:
http://gadgets.ndtv.com/internet/news/us-bank-website-hackers-used-advanced-botnets-diverse-tools-275041
