US Banks Hacked in State-Sponsored Iranian Attacks, Officials Say

Recent denial of service attacks on US banks are believed to have been triggered by state-sponsored actions lead by Iran.

The US government firmly believes the attacks are Iran’s way of retaliating against cyber-attacks led by the United States against Iranian power plants and nuclear facilities, according to private security experts.

The strained relationship between the two countries may have caused Iran to wage denial of service attacks on Wells Fargo, J.P. Morgan Chase, Bank of America, Citigroup, and HSBC, under the pretense of a controversial video of the Prophet Mohamed, released on YouTube months back, the experts said.

Flooding the bank’s websites with traffic that peaked at 70 gigabits, security experts believe that data centers and cloud services were hacked and used to carry out such overwhelming denial of service.

“The amount of bandwidth that is flooding the websites is very large, much larger than in other attacks, and in a sense unprecedented,” said chief executive of private security firm CrowdStrike Dmitri Alperovitch.

With no financial data lost or stolen during the attacks, experts believe the operation was meant to disrupt normal functioning rather than steal customer personal information and bank account credentials. However, they are in awe of the scale and complexity of the attacks.

“The scale, the scope and the effectiveness of these attacks have been unprecedented,” said Carl Herberger, vice president of security solutions at the Radware security firm investigating the attacks. “There have never been this many financial institutions under this much duress.”

With the Iranian group “cyber fighters of Izz ad-din Al qassam” claiming responsibility and threatening to continue attacking other US institutions, security experts predict that such sophisticated DDoS methods are likely to increase in efficiency and frequency during 2013.