Cyberattacks on U.S. banks over the last several months reflect a frightening new era in cyberwarfare that corporations are unprepared to battle because of a shortage of experts skilled in building effective defenses, one security expert says.
Since September, U.S. banks have been battling with mixed success distributed denial of service (DDoS) attacks from a self-proclaimed hactivist group called Izz ad-Din al-Qassam Cyber Fighters. Despite its claims of being a grassroots operation, U.S. government officials and security experts say the group is a cover for Iran.
"There is no doubt within the U.S. government that Iran is behind these attacks," James A. Lewis, a former official in the State and Commerce Departments and a computer security expert at the Center for Strategic and International Studies, told The New York Times.
The skill of the attackers goes far beyond typical DDoS attacks conducted by hacktivist groups such as Anonymous. Instead of originating from networks of compromised PCs, bandwidth-clogging, bogus data streaming to banking sites are coming from hijacked Web servers in data centers.
These muscle systems have enabled the attackers to generate as much as 70 gigabits per second of traffic, enough to totter the sites of even the largest financial institutions.
Such state-sponsored attacks demonstrate that cyberwarfare is here. "We've entered a new era and it's pretty frightening in many ways," said Darren Hayes, a computer forensics expert and chairman of Pace University's Computer Information Systems Program. "What's a little bit scary is the fact that we don't have as many skilled professionals who are network forensics analysts or network security people as we should have."
Traditional security technology, such as firewalls, intrusion prevention systems and antivirus software, are "simply meaningless" against the sophistication of state-sponsored attacks, Hayes said. Colleges and universities need to train more students in forensics and security, so that banks and other large corporations can build better defenses, he said.
The ongoing attacks on U.S. banks have intermittently disrupted online operations, sometimes taking the sites down completely for short periods of time. Banks targeted by the attackers have included Bank of America, Citigroup, Wells Fargo, U.S. Bancorp, PNC Financial, Capital One, JPMorgan Chase, SunTrust Banks, Fifth Third Bank, BB&T and HSBC. None of the banks have lost customer data or have had accounts compromised.