Are Hamas involved in a cyber war?
Is Hamas behind attacks on a US bank?
Click here to add al-Din al-Qassam Cyber as an alert
Disable alert for al-Din al-Qassam Cyber,
Click here to add al-Qassam Cyber Fighters as an alert
Disable alert for al-Qassam Cyber Fighters,
Click here to add AlienVault as an alert
Disable alert for AlienVault,
Click here to add Amazon as an alert
Disable alert for Amazon,
Click here to add Bank of America as an alert
Disable alert for Bank of America,
Click here to add Cigital as an alert
Disable alert for Cigital,
Click here to add Citigroup Inc. as an alert
Disable alert for Citigroup Inc.,
Click here to add Congress as an alert
Disable alert for Congress,
Click here to add CrowdStrike as an alert
Disable alert for CrowdStrike,
Click here to add Cyber Command as an alert
Disable alert for Cyber Command,
Click here to add Defence Department as an alert
Disable alert for Defence Department,
Click here to add Department of Homeland Security as an alert
Disable alert for Department of Homeland Sec ...,
Click here to add Department of State as an alert
Disable alert for Department of State,
Click here to add Dmitri Alperovitch as an alert
Disable alert for Dmitri Alperovitch,
Click here to add Federal Bureau of Investigation as an alert
Disable alert for Federal Bureau of Investig ...,
Click here to add Financial Services Information Sharing Analysis Centre as an alert
Disable alert for Financial Services Informa ...,
Click here to add Gary McGraw as an alert
Disable alert for Gary McGraw,
Click here to add Global Cyber Risk as an alert
Disable alert for Global Cyber Risk,
Click here to add GoDaddy as an alert
Disable alert for GoDaddy,
Click here to add Google as an alert
Disable alert for Google,
Click here to add Hamas as an alert
Disable alert for Hamas,
Click here to add Islamic party as an alert
Disable alert for Islamic party,
Click here to add Jody Westby as an alert
Disable alert for Jody Westby,
Click here to add Joseph Lieberman as an alert
Disable alert for Joseph Lieberman,
Click here to add JPMorgan Chase as an alert
Disable alert for JPMorgan Chase,
Click here to add Los Angeles Times as an alert
Disable alert for Los Angeles Times,
Click here to add New York Stock Exchange as an alert
Disable alert for New York Stock Exchange,
Click here to add Paul DeSouza as an alert
Disable alert for Paul DeSouza,
Click here to add PNC Financial Services as an alert
Disable alert for PNC Financial Services,
Click here to add Roger Thornton as an alert
Disable alert for Roger Thornton,
Click here to add Senate Homeland Security Committee as an alert
Disable alert for Senate Homeland Security C ...,
Click here to add U.S. Bancorp as an alert
Disable alert for U.S. Bancorp,
Click here to add Wells Fargo & Co. as an alert
Disable alert for Wells Fargo & Co.
The ‘denial of service’ attack that disrupted the Wells Fargo & Co. electronic banking operations was the fourth in a week. And it appears to lend some credence to threats and claims that the Izz al-Din al-Qassam Cyber Fighters, the military wing of Hamas, the Islamic party that governs the Gaza Strip, are behind them.
The group claimed responsibility for DoS attacks against Bank of America, JPMorgan Chase and Citigroup Inc. that disrupted online operations, and said the attacks would continue “until the Erasing of that nasty movie” — a reference to a trailer of the independent film “Innocence of Muslims,” which Muslims say insults the Prophet Muhammed.
This week, it said it had conducted Tuesday’s Wells Fargo attack and that its next targets would be U.S. Bancorp and PNC Financial Services. Reports surfaced on Wednesday saying customers of those two institutions were having trouble accessing their websites.
Since the attacks began, there have been multiple theories floated about the source.
U.S. Sen. Joseph Lieberman (I-Conn), chairman of the Senate Homeland Security Committee, said last week in an interview on C-SPAN’s “Newsmakers” program that he believed a unit of Iran’s Revolutionary Guard Corps was behind them.
Also last week, the FBI issued a fraud alert, warning financial services firms that cyber criminals might try to disrupt their websites in an effort to distract them from noticing fraudulent wire transfers.
Some security experts said at the time that they might not even be attacks, but simply internal technical problems, similar to what shut down GoDaddy recently. Or, that they might simply be low-level attacks by anti-capitalist groups with a political agenda.
And even now there is not unanimous agreement that Izz al-Din al-Qassam Cyber Fighters is behind all the attacks. The group has not made good on all of its threats. It had also said it would attack the New York Stock Exchange, but trading has continued normally there.
Dmitri Alperovitch, chief executive of CrowdStrike, a private security firm investigating the attacks, told the Los Angeles Times that the claims “appear to be accurate in terms of predicting future attacks.But I wouldn’t necessarily take at face value any of its claims about attribution or the video.”
Whatever their source, the attacks have prompted some renewed calls for more coordination between the private sector and government, which was the goal of the 2012 Cyber Security Act (CSA) that failed in Congress last month.
But so far, they have not been even close to catastrophic, partially because, as a number of security experts have noted, DoS attacks are among the oldest and most basic, and do not require highly skilled computer programmers or advanced expertise.
Roger Thornton, CTO of AlienVault, called them “the digital equivalent of having a group of protesters block the entrance to a building or tie up the phone lines.”
“These attacks can be a nuisance and can cause real damage or even physical harm at times — if the 911 response system was tied up when you needed an ambulance, for example,” he said. “But just like the protesters blocking a branch of the bank, a DDoS attack is very hard to prevent, somewhat inevitable regardless of your security posture and is not an attack that results in data stolen or systems permanently damaged.”
And Thornton said there is already “a pretty good system for sharing threat data between the Department of Homeland Security and the financial services community today through a programme run by FS-ISAC (Financial Services Information Sharing Analysis Centre). There are already communication lines in place and these programs are part of the reason our banks are still operating in spite of such hostile threats.”
Gary McGraw, CTO of Cigital, said he is a bit puzzled at all the interest in the recent wave of attacks. “These sorts of attacks happen all the time,” he said. “I’m not sure why there seems to be more interested in these.”
But he is certain that the banks don’t need help from the government with DDoS attacks. “Google and Amazon don’t need the government to help them with DDoS. That’s ridiculous,” he said.
Paul DeSouza of the Cyber Security Forum Initiative said the private sector and government have different roles to play. “The private sector should be responsible for deploying the necessary technologies and controls to include trained personnel to be able to continue to operate through and in cyberspace in the protection of their assets even under attack,” he said.
“The role of the government should be of a supporting nature to include cyber intelligence and knowledge sharing capabilities,” he said. “Offensive cyber responses are reserved to governmental actors with the appropriate authorities to engage in full spectrum cyber operations.”
But Jody Westby, an attorney and CEO of Global Cyber Risk, said the problem is not so much coordination between the private and public sector in the U.S., but internationally.
“Cybercriminals today have effectively analysed what jurisdictions lack skilled law enforcement, where cooperation is lacking or nil, and where cybercrime laws are either non-existent or civil penalties,” she said.
“Meanwhile, we do not have effective cross-border cooperation and law enforcement support to counter the attacks. Until we address cybercrime, these attacks will continue to be sophisticated, ingenious, and successful,” Westby said.
She said financial institutions do a good job overall in defending against attacks, but believes political leaders should at least be speaking out. “The President or State Department should show some diplomatic muscle,” she said, even if the attacks are from a nation state. “Cyber Command does not have the legal authority to assist private sector networks.”
She and others also say an executive order from the President to implement some of the provisions of the CSA, which is said to be close to being announced, would not help in this situation. “An executive order from the president could not expand the jurisdiction of the Defence Department and Cyber Command,” she said.
Roger Thornton agrees. “Indicting and extraditing these actors from their home jurisdictions is next to impossible, so legal recourse is difficult,” he said, adding: “I’m not sure there is much that [the President] could do.”
- Zain, UNHCR, Facebook to bring free internet access to urban refugees in Jordan
- Start Up Lebanon entrepreneurs head to Silicon Valley Roadshow
- Huawei to establish a center of innovation in Saudi Arabia
- Middle East poised to become an industry leader in 3D printing
- Bahrain's Investcorp buys UK's Nebulas to become European cybersecurity giant