The financial and banking industries are on high alert tonight as a massive cyberattack continues, with potentially millions of customers of Bank of America, PNC and Wells Fargo finding themselves blocked from banking online.
“There is an elevated level of threat,” said Doug Johnson, a vice president and senior adviser of the American Bankers Association. “The threat level is now high.”
“This is twice as large as any flood we have ever seen,” said Dick Clarke, an ABC News consultant and former cybersecurity czar.
A group of purported hackers in the Middle East has claimed credit for problems at the websites of both banks, citing the online video mocking the founder of Islam. One security source called that statement “a cover” for the Iranian government’s operations.
The attack is described by one source, a former U.S. official familiar with the attacks, as being “significant and ongoing” and looking to cause “functional and significant damage.” Also, one source suggested the attacks were in response to U.S. sanctions on Iranian banks.
Senior U.S. officials acknowledge that Iranian attacks have been the subject of intense interest by U.S. intelligence for several weeks. Last week, the Joint Chiefs of Staff’s Intelligence Directorate, known as J-2, confirmed continuing Iranian cyber attacks against U.S. financial institutions in a report described as “highly classified.”
Phi Beta Iota: This is almost certainly an Israeli false flag attack, NOT an attack by Iran. The US abuse of the SWIFT banking system has already inspired the Chinese to replace the SWIFT banking system (and the US dollar) for all interested parties including Iran. The damage done to banks has not been serious, more of an inconvenience. It is certainly true that financial systems are vulnerable (so are all network systems including power); a number of us — including students at the Air War College — were telling the US Government this from 1990-1994, only to be blown off. NSA has consistently neglected its assigned responsibilities for helping commercial enterprises achieve cyber-security and cyber-stability, and today, while there are 67 or so actual code-level cyber-security experts in the USA (only about 12 focused on defensive code), NSA/Cyber Command is spending over $15 billion on corporate vapor ware. DHS is theoretically responsible, but far removed from being relevant.
DefDog: The infamous ‘take down the Internet in 30 minutes’ hearing from 1998 — Tens of Billions Later, NSA and OMB Have Not Done Their Jobs, US Cyber is Wide Open and Unsafe at Any Speed + Meta-RECAP