Major financial institutions in the United States are dealing with a spate of cyber-attacks this week, forcing an industry body to raise the cyber threat level from ‘elevated’ to ‘high’.
Issues surfaced on Tuesday when the Bank of America Corp’s website suffered intermittent problems, before the consumer banking site of JP Morgan Chase & Co came under attack yesterday, reports Reuters.
"We're experiencing intermittent issues with Chase.com,” said JPMorgan Chase spokesman Patrick Linehan. "We apologize for any inconvenience and are working to restore full connectivity." As a result of the second incident, the Financial Services Information Sharing and Analysis Center, commonly known as FS-ISAC, heightened the alert to its members citing "recent credible intelligence regarding the potential" for further cyber attacks.
The attacks came after an alleged representative of the “cyber fighters of Izz ad-din Al qassam” posted a warning on pastebin.com, claiming US companies would be targeted by the group until the controversial Innocence of Muslims video was erased from the web.
Dan Holden, director of security research at Arbor Networks, told Reuters that several US banks were under assault from a distributed denial of service (DDoS) campaign, but declined to identify them by name.
"Often these DDoS attacks are part of a more sophisticated blended threat - One that utilizes DDoS as a diversion for more complex, difficult to detect techniques with the intention to extract customer data or financial information," said Holden.
The news agency also quotes a security contractor familiar with the events, who claimed the attacks were "massive" in scope.
Pressure is now likely to increase on the Obama administration to impose more stringent defences to protect the nation’s critical infrastructure from cyber attacks. Congress has frequently stalled on passing legislation proposing to tighten network security and surveillance, with concerns over privacy being compromised and excessive regulation of business.
But FS-ISAC’s threat warning could force Obama’s hand in delivering an executive order that further mobilises security agencies.