US Senator Joe Lieberman blamed Iran for the attacks against US banks last Friday, with thoughts that Iran did so out of revenge for the Stuxnet case. The victims of last week’s attacks included Bank of America and JPMorgan Chase. Although not attacked, speculation is that CitiGroup has been a target over the past year. All of these denial of service campaigns seemed to have begun in late 2011.
In C-SPAN’s taping of “Newsmakers,” Lieberman labeled the recent DDoS attacks against the banks a “powerful example of our vulnerability”.
Now, from the perspective of Lieberman, it makes sense to make such claims. When we reported in June about a potential US and Israeli connection for malwares like Flame and Stuxnet, labeled “Operation Olympic Games”, we saw the counterattack that continued cyberwarfare between Iran and the US (as well as other countries). This could be just one of possibly many counterattacks from Iran, and it’s going to be quite dangerous to companies that are vulnerable to cyberattack.
Cyberattacks will continue with DDoS and other hacks, and it could target almost any major organization around the world. The main idea is to craft the correct cybersecurity strategies, and be aware of any attack vectors (like if there are too many people trying to hack in to the networks). It’s important to learn from issues like this, and be able to adapt the latest strategies for businesses. Which means: If you don’t have a director for information security at your major company, it’s about time to get one and soon!
Keep all of your devices FULLY safe from hackers:
It’s been reported that many US banks are on high alert because of recently targeted cyber attacks.
We just reported about a different target, with spammers targeting email users, however, the banks themselves are being targeted as well.
Computer World notes:
The Financial Services Information Sharing and Analysis Center (FS-ISAC) has put U.S. banks on high alert against cyberattackers seeking to steal employee network login credentials to conduct extensive wire transfer fraud.
The alert warns banks towatch out for hackers using spam, phishing emails, Remote Access Trojans and keystroke loggers to try and pry loose bank employee usernames and passwords.
The FBI has noticed a new trend where cyber criminals use stolen employee credentials to wire transfer hundreds of thousands of dollars from U.S. customer accounts to overseas banks, the FS-ISAC noted.
On their Pastebin posts, hackers have noted the following:
In the name of Allah the companionate the merciful
My soul is devoted to you Dear Prophet of Allah
“Operation Ababil” started over BoA :
In the second step we attacked the largest bank of the united states, the “chase” bank. These series of attacks will continue untill the Erasing of that nasty movie from the Internet.
The site “www.chase.com” is down and also Online banking at “chaseonline.chase.com” is being decided to be Offline !
Down with modern infidels.
### Cyber fighters of Izz ad-din Al qassam ###
However, CNN reports no evidence backing up claims and could be related to what happened to Go Daddy, saying: “But there was no immediate evidence to support the hackers’ claims, and several recent ones turned out to be hoaxes. Earlier this month, a person affiliated with the hacktivist collective Anonymous said the group took down the web hosting service Go Daddy, and in June the group UGNazi claimed responsibility for downing Twitter. Both outages were later revealed to be technical issues.”
- Here We Go Again: Iran reportedly behind cyber attacks on U.S. banks (sott.net)
- Muslim Cyber Fighters Attack Chase Bank in ‘Operation Ababil’ (betabeat.com)
- ‘US officials blame Iran for cyber attacks on banks’ (warsclerotic.wordpress.com)
- Bank of America Hit By Cyber Attack (makaseh.wordpress.com)
Be careful of new spammy emails from (apparently) Chase.com. These emails state that your account has been locked out, and to “click here” to unlock your account. However, doing so can compromise your computer. Only click links that appear to be real, which means when you hover over the link, it should show the same address in the status bar at the bottom of the browser. If it really is from Chase.com, you should see https://www.chase.com/ as the first part of the address. If there is anything extra placed after the .com part, except for a forward slash (as noted in the link example highlighted red), distrust it. Don’t click on it. If anything, call Chase customer support about the email rather than clicking the link.
It’s also very obviously a spammy email, because of the grammar/spelling errors involved. And also because of the following (when I view the full header):
- Return-Path: <email@example.com>
- Received-SPF: none (domain of c12.iservidorweb.com does not designate permitted sender hosts)
- Received: from armagedo by c12.iservidorweb.com with local (Exim 4.77)
- Message-Id: <firstname.lastname@example.org> id 1TF5am-00009J-DX
- X-AntiAbuse: Sender Address Domain – c12.iservidorweb.com
- IP: 126.96.36.199
See for yourself:
You can avoid spammy issues like this coming to your inbox by downloading the following tool:
- Chase site hiccups following similar Bank of America problems (news.cnet.com)
- Chase’s website slowed by glitches (money.cnn.com)
- Chase says experiencing ‘issues’ with website (seattlepi.com)
- Chase.com is Down, Day After BoFA’s Website Attacked (valuewalk.com)
- Chase Bank Is Second to be Hit with Cyber-Attack In Response to “Sacrilegious Movie” [Hackers] (gizmodo.com)