From Bank of America to HSBC and from JPMorgan Chase to Wells Fargo bank a growing wave of cyber attacks has disrupted and crippled the customer-facing online presence of some of the biggest and most powerful high-profile Western financial institutions over the past several weeks. Ally Financial, BB&T, Capital One Financial, PNC Bank, Regions Financial, SunTrust Bank and US Bank have also been targeted. Customers trying to use the online systems of those banks after the latest digital attacks were denied access or faced long delays. Some of the digital attacks appear to have originated in Iran and Russia. Security experts now believe that multiple well-organised digital attackers rather than a single attacker are behind the events that caused day-long slowdowns and, at times, complete online outages at various top banks.
The US Secretary of Defense Leon Panetta has warned that the country could face a ‘Cyber-Pearl-Harbor’ in the near future and has drafted new rules which would enable the American military to move quickly to thwart any such attacks. Panetta is also concerned that the “scale and speed” of the bank attacks is unprecedented. The digital attacks have continued this week despite a warning from him that America has the ability to determine who is responsible. Specifically, Panetta said, “Potential aggressors should be aware that the United States has the capacity to locate them and hold them accountable for actions that harm America or its interests” to business executives in New York.
Panetta also said that Iran has “undertaken a concerted effort to use cyberspace to its advantage.” Panetta added that digital attacks emanating from foreign soils could paralyse the country’s power grid financial networks and transportation system saying that a cyber attack had the potential to “paralyse and shock the nation and create a profound new sense of vulnerability.” “If we detect an imminent threat of attack that will cause significant physical destruction in the United States or kill American citizens, we need to have the option to take action against those who would attack us, to defend this nation when directed by the president,” Panetta said in the speech to top business executives in New York.
Panetta also added that the “Shamoon” virus which attacked Saudi Arabia’s state oil company, Aramco, was probably the most destructive attack the business sector has seen to date. The virus also struck a joint venture between the US oil firm ExxonMobil and state-controlled Qatar Petroleum. Iran is suspected of taking revenge for US sanctions by targeting oil companies with cyber attacks, knocking out Saudi Arabia’s Aramco’s computers for two weeks. A disruption to Saudi Arabia’s oil exports could cause oil prices to spike from their already elevated prices and tip the fragile global economic recovery into recession.
If there ever was a time for any major organisation’s board of directors to listen carefully to their Chief Information Officer (CIO) and Chief Information Security Officer (CISO) that time has now arrived. Call an emergency board meeting and please pay close attention to the advice of your CIO and CISO in regard to online security matters. Your online reputation, trust in your brand, customer confidence and share price may soon depend on the swiftness of your attention to this urgent matter. Companies have to be very aware of what’s going on in regard to this latest round of cyber attacks on banks of 100+ billion bytes per second and they have to start thinking about a Plan B and Plan C beyond Plan A if financial chaos is manifest in the near future.
The mi2g Intelligence Unit (mIU) and the ATCA 5000 Research & Analysis Wing (A-RAW) have become concerned about the latest round of digital attacks because US and Western large capital financial institutions have some of the best network security defences of any industry. Sustained attacks could disrupt customer confidence in industries beyond banking and may have a much larger cascading fallout given that Systemically Important Financial Institutions — SIFIs — are also coming under sustained attack. The latest campaign of digital attacks appears to have been near-100 percent effective, at least in bringing the targeted financial institutions some level of visible duress. The attackers are adapting to the banks’ defences and becoming more sophisticated in their tactics with every passing week. Is it plausible that the next flash crash which manifests in the global financial markets may be traced back to these swiftly escalating cyber attacks?
A hacktivist group calling itself the “Izz ad-Din al-Qassam Cyber Fighters” took credit for the cyber attacks against banking giants in a Pastebin post, which has since been removed. The group, perhaps Iranian, has claimed that it is protesting the presence of the anti-Islamic video ‘Innocence of Muslims’ on the Internet, which has helped spark outrage in the Middle East against the United States in particular and the West in general. There is scepticism that fringe Islamist groups are sufficiently organised to mount these colossal digital attacks on their own without nation-state assistance.
No comments:
Post a Comment