US Banks Warned Of Islamist Hacker Threat

Bank finance © Paul Fleet Shutterstock 2012

Warning: hackers will take last week’s violent anti-US protests online

On Wednesday, the Financial Services Information Sharing and Analysis Centre (FS-ISAC) has told the US financial sector to expect more hacker attacks as part of an alleged campaign by “Izz ad-din Al qassam” group.

According to Reuters, the organisation raised its cyber threat level from “elevated” to “high”, following suspected attacks on Bank of America and JPMorgan Chase earlier this week.

Innocence of banks

Both Bank of America and JPMorgan Chase have experienced problems with their websites, after an unidentified user posted a statement on PasteBin, threatening to attack the banks and the New York Stock Exchange unless the offensive “Innocence of Muslims” film was “erased”. The controversial video clip has been blamed for anti-US protests in Egypt, Libya and Yemen, which led to the death of the US ambassador to Libya and other diplomats.

“We, Cyber fighters of Izz ad-din Al qassam will attack the Bank of America and New York Stock Exchange for the first step. These Targets are properties of American-Zionist Capitalists,” says the statement. “This attack will continue till the Erasing of that nasty movie.”

It is unclear how exactly the film should be “erased”. Last week, YouTube had decided to keep the video online, but make it inaccessible in some countries. “This video – which is widely available on the Web – is clearly within our guidelines and so will stay on YouTube. However, given the very difficult situation in Libya and Egypt, we have temporarily restricted access in both countries,” said a statement from the company.

Sources quoted by Fox News believe that while timing of the attacks could be “just a big coincidence” it is “not likely.” In its advisory, FS-ISAC, an industry group with members including Goldman Sachs Group, Morgan Stanley, MasterCard and Visa, has said that recent “credible intelligence” suggests that there is high probability of more attacks.

It is believed the banks suffered from a “massive” distributed denial of service (DDoS) campaign. Two days earlier the FBI published an alert advising financial sector that hackers could be using such attacks to distract the security specialists from “fraudulent large-sized wire transfers”.

“Often these DDoS attacks are part of a more sophisticated blended threat – One that uses DDoS as a diversion for more complex, difficult to detect techniques with the intention to extract customer data or financial information,” Dan Holden, director of security research at Arbor Networks told Reuters.

The advisory from FS-ISAC urges financial sector companies to “ensure constant diligence in monitoring and quick response to any malicious events.” It also warns about the recently uncovered zero-day flaw in Microsoft’s Internet Explorer browser. The company has released a Fix It tool as a temporary solution, and promised to deliver an emergency patch on Friday.

Earlier this week, the German government advised the public to stop using Internet Explorer until an update is released.

The warning comes as the cybersecurity bill is debated in the US Congress. The legislation could give the government powers to help secure private networks, but has been opposed by the privacy campaigners and businesses groups.

How well do you know Internet security? Try our quiz and find out!