Iran Accused of Hacking US Banks

Dennis Faas's picture

United States officials believe Iran is responsible for a string of recent cyber attacks on American banks. They say the sophistication of the attacks and the hacks' aim of disrupting services rather than stealing cash both suggest government rather than private activity.

The attacks have been coming since September and have disrupted the online services of many U.S. banking institutions, including Bank of America, BB&T, Capital One, Citigroup, Fifth Third Bank, HSBC, PNC, US Bancorp, and Wells Fargo. (Source: nytimes.com)

DDoS Attacks on Banks

The attacks have employed the distributed denial of service (DDoS) approach. This involves flooding a website with page requests until the site's servers become so overwhelmed that legitimate requests for web pages cannot be fulfilled.

Because the aim of these attacks does not appear to be stealing either confidential data or funds, the hackers have been able to effectively use the banks' own security against them.

For example, to make these attacks more effective, the hackers have been making requests for encrypted web pages. Such requests demand additional data and force the banks' websites to devote extra resources to dealing with the hackers' bogus requests.

Cloud Computers Used In Sophisticated Attack

To be successful, distributed denial of service attacks require a large number of computers. Cybercriminals often gain control over that many computers by releasing a specially crafted virus that makes use of home and office PCs in the background, so the computers' regular users don't readily notice the diversion of digital resources to nefarious purposes.

In this case, it appears the hackers have gained unauthorized access to commercial file servers, the kind used by companies that carry out extensive data processing but choose not to buy their own digital hardware.

Both Amazon and Google provide such data processing services. However, it's not known right now whether their equipment has been infiltrated and utilized by these hackers for these attacks on the U.S. banks.

The servers that are known to be involved in this round of attacks are located around the world, and appear to have been compromised by a form of malicious software called "Itsoknoproblembro."

American government staff don't appear to have any firm proof that the Iranian government is responsible. However, a former government official and current security expert says the US government has "no doubt" Iran is the culprit.

U.S. officials say they think the Iranian government might see these attacks as revenge for previous Israeli and American digital attacks on Iran's nuclear control systems. (Source: theverge.com)
