U.S. Officials have cited Iran as the likely culprit behind the series of distributed denial of service (DDoS) attacks that have crippled several major U.S. Banks over the past four months, reports The New York Times.
According to the report, the complexity, nature and target of the attacks has led the U.S. to conclude Iran as their origin.
The attacks, which have hit the websites of Bank of America, Citigroup, Wells Fargo, U.S. Bancorp, PNC, Capital One, Fifth Third Bank and HSBC since September 2012, have left the sties down for hours at a time through waves of DDos and encrypted DDoS attacks.
The Izz ad-Din al-Qassam Cyber Fighters group had claimed responsibility for the attacks, citing retaliation for a YouTube video that mocks the Prophet Muhammad. Instead, the U.S. believes the attacks represent retaliation by Iran for U.S. sanctions and previous cyber warfare efforts by the U.S. and Israel to sabotage Iran’s nuclear development program.
“There is no doubt within the U.S. government that Iran is behind these attacks,” said James A. Lewis, a former official in the State and Commerce departments.
The attacks, which involved a new form of malware called “Itsoknoproblembro,” are believed to be too complex to come from an individual group of hackers. The malware infects individual networks of computers in order to send an overwhelming amount of requests to target websites, but cannot be traced back to one party: rare of a virus of its kind.
The report also cites the nature of the attacks as reason to believe they originated from Iran: the DDoS attacks pursued disruption, not money, and did not breach a single bank account.
“The scale, the scope and the effectiveness of these attacks has been unprecedented” said Carl Herberger, vice president of security solutions at Radware. “There have never been this many financial institutions under this much duress.”
The Times also cites a Pastebin post by the Al-Qassam group stating that they have no intentions of ceasing their campaign against U.S. banks until the offensive YouTube video is pulled from the Internet.
“Rulers and officials of American banks must expect our massive attacks,” the group posted. “From now on, none of the U.S. banks will be safe.”