Las Vegas, Nevada, December 08, 2012
Nuclear and biological weapons that remained the greatest threat to the mankind have got an edge with support from e-threats. The recent attack on the websites of the banking giants including Bank of America (BAC, Fortune 500), JPMorgan Chase (JPM, Fortune 500), Wells Fargo (WFC, Fortune 500), and others in the United States can be deemed as the same.
Did you notice any slowdown in your banking website in the past September? You might have blamed the usual slow server performance. But this time, it was not so; security experts admit that it was one of the biggest cyber-attacks that the United States has witnessed ever. What Internet cons experimented is termed as the “distributed denial of service attacks” in the IT glossary — often the acronym DDoS is used – where the attackers’ motive is to suspend the services of the targeted server thereby making its services denied for the intended users.
In total, six major American banks were hit in a wave that embraced Bank of America, JPMorgan Chase, Citigroup, U.S. Bank, Wells Fargo and PNC. Their respective customers complained about online account accessibility issues due to the sporadic slowdown of the website. In the early hours banks failed to clarify the exact causes leading to further frustration amidst customers.
However, there is a good reason to stay calm, as this type of attack does no harm to the confidential data or information of the bank and customers thereof. The solemn purpose of the attack is to disrupt the services running on the server. Technically the server is bombarded with unwanted requests to an extent that it gets overwhelmed and shuts down automatically.
Nevertheless, the diplomatic search is on to trace out the origin of the attack. Despite heavy brainstorming security researchers are not in agreement with the epicenter and causes, citing the volume of the attack, for the methods utilized by the attackers that seem quite basic. “The number of users you need to break those targets is very high,” The New York Times quoted Jaime Blasco, a security researcher at AlienVault involved in the investigation. “They must have had help from other sources.” In another report in The New York Times, a former U.S. official claimed there was “no doubt within the U.S. government that Iran is behind these attacks.”
Later on, unveiling the curtain from “Who made all this to happen?” a hacker group calling itself Izz ad-Din al-Qassam Cyber Fighters — a reference to Izz ad-Din al-Qassam, a Muslim holy man who fought against European forces and Jewish settlers in the Middle East in the 1920s and 1930s — took credit for the attacks in online posts.
The extremist group rationalized the incident in the wake of an anti-Islam video “The Innocence of Muslims” that ridiculed the Prophet Muhammad. The clouds of e-threat are still looming as the outfits challenged to continue to attack American credit and financial institutions daily, and possibly institutions in France, Israel and Britain, until the video is taken offline.
The only prevention module that seems effective is to equip the server with the right kind of security appliances or software whether IPS (Intrusion-prevention systems) – or DDS (DoS Defense System) – based defense, and keep those updated or upgraded to stay robust against growing challenges.
In Techvedic Mirror
However, crimes, be it of any type or origin, should be perceived independent of nationality and race. The allegation was vehemently denied in an Iran’s official statement. Also the group that took the responsibility, expressed its solitude from any government, and cleared the objective: forcing the U.S. government to get YouTube to remove the contentious video clip from its website.
In the wake of attack, it becomes essential for financial institutions and banking sectors to pull up their socks. They need to address two different issues, which are nothing but two sides of a coin: (a) keeping network from being attacked by outsiders, and (b) reinforcing security features of data server or IT infrastructure.
About Techvedic Technologies
Founded in 2009, Techvedic Technologies is an independent tech support vendor committed to simplify the Information Technology and enable people to derive maximum from their investment. Empowered by experienced technicians the company is offering end-to-end technical support for software and hardware products irrespective of their make or model and origin and warranty status.