The Freeland File
Aerospace & Defense
Global Market Data
Lucy P. Marcus
David Cay Johnston
The Great Debate
Jack & Suzy Welch
Macro & Markets
Lipper Awards 2012
Personal Finance Video
Iran to enrich uranium to 60 percent if nuclear talks fail
Samsung files lawsuit against Apple over latest iPhone
Pennsylvania judge: Voter ID law a no-go for November 6
Special Report: The casualties of Chesapeake's "land grab" across America
NBC breaks TV losing streak, orders more "Revolution"
France taxes rich and business to slash deficit
Netanyahu to press for Iran ”red line” in U.N. speech
Chavez to Obama: I’d vote for you, and you for me
Our day's top images, in-depth photo essays and offbeat slices of life. See the best of Reuters photography. See more | Photo caption
Inside the Vatican
Behind the walls of Vatican City. Slideshow
Psy's Gangnam style
Psy is the latest musical sensation to burst upon the world from South Korea with his video "Gangnam Style." Slideshow
U.S. bank website hackers used advanced botnets, diverse tools
White House targeted in cyber attack
Mon, Oct 1 2012
U.S. Bancorp, PNC latest bank websites to face access issues
Wed, Sep 26 2012
Bank group warns of heightened risk of cyber attacks
Wed, Sep 19 2012
Germany urges public to stop using Internet Explorer
Tue, Sep 18 2012
Banks in talks to ease transfer of money with phone, email
Wed, Sep 12 2012
Analysis & Opinion
Essential reading: Pension managers become opportunistic amid volatility, and more
Financial cybercrime a national security threat, U.S. Justice Department official warns
Cyber Crime »
By Joseph Menn
SAN FRANCISCO |
Tue Oct 2, 2012 5:25pm EDT
SAN FRANCISCO (Reuters) - The hackers behind the cyber attacks on major U.S. banks have repeatedly disrupted online banking by using sophisticated and diverse tools that point to a carefully coordinated campaign, according to security researchers.
The hackers, believed to be activists in the Middle East, were highly knowledgeable about the defensive equipment used by the banks and likely spent months on reconnaissance, said several researchers interviewed by Reuters, who viewed the assaults as among the strongest and most complex the world has seen to date.
In the past two weeks, customers of top U.S. banks including Bank of America Corp, JPMorgan Chase & Co, Wells Fargo & Co, U.S. Bancorp and PNC Financial Services have reported having trouble accessing their websites, as unusually high traffic volumes appeared to crash or slow down the systems.
No thefts have been tied to hacked sites, but an untold number of customers were not able to pay bills or transfer money from their computers, leaving banks with remediation expenses and customer irritation as the biggest costs.
Researchers said the hackers used groups of compromised computers, known as botnets, which are inexpensive to rent for short periods. What made these botnets much more powerful was that they were made up of web servers that had been taken over, instead of mere personal computers.
"Tens of thousands" of servers are involved, said Tom Kellermann, vice president of major security vendor Trend Micro.
The FBI declined to comment on its investigation of the attacks. The banks either declined to comment or noted that most customers have been able to log into their accounts.
"It's fairly large, but it's something financial institutions are accustomed to dealing with," said Doug Johnson, vice president of the American Bankers Association trade group.
Sources familiar with the bank attacks have previously told Reuters that they could be part of a year-long cyber campaign waged by Iranian hackers against major U.S. financial institutions and other corporate entities.
Senator Joseph Lieberman, chairman of the Senate's Homeland Security and Governmental Affairs Committee, has also blamed Iran's much-improved cyber forces on the bank website outages.
A group that calls itself the Cyber Fighters of Izz ad-din Al Qassam has claimed credit for the recent bank attacks, declaring them a protest against the anti-Islam video posted on YouTube and stoked violent protests across the Muslim world.
The latest attacks against the banks have thrown as many as 30 million electronic packets per second at the websites, at times overwhelming both the banks and the additional technical resources being moved into place to counter the attacks.
That much volume "would overwhelm almost anyone, including large telecommunications companies," said Scott Hammack, chief executive of Prolexic Technologies, which specializes in warding off "denial of service" attacks. Prolexic's clients include several of the biggest banks, though Hammack declined to name which ones.
Experts said that high-volume denial-of-service attacks were becoming more common even before the latest bank assaults and would continue to increase in sophistication as well.
"This entire episode speaks to the need for banks, or any business operating online, to be prepared for this type of availability attack," said Dan Holden, director of research at security firm Arbor Networks.
(Reporting by Joseph Menn in San Francisco. Additional reporting by Jim Finkle in Boston and Rick Rothacker in Charlotte, N.C.; Editing by Bernard Orr)
Related Quotes and News
We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Be the first to comment on reuters.com.
Add yours using the box above.
Back to top
New York Legal
Support & Contact
Connect with Reuters
Our Flagship financial information platform incorporating Reuters Insider
An ultra-low latency infrastructure for electronic trading and data distribution
A connected approach to governance, risk and compliance
Our next generation legal research platform
Our global tax workstation
About Thomson Reuters
Thomson Reuters is the world's largest international multimedia news agency, providing investing news, world news, business news, technology news, headline news, small business news, news alerts, personal finance, stock market, and mutual funds information available on Reuters.com, video, mobile, and interactive television platforms. Thomson Reuters journalists are subject to an Editorial Handbook which requires fair presentation and disclosure of relevant interests.
NYSE and AMEX quotes delayed by at least 20 minutes. Nasdaq delayed by at least 15 minutes. For a complete list of exchanges and delays, please click here.