It has been a particularly disturbing couple of weeks as headlines throughout America highlight how some of our most powerful financial institutions were being hacked by alleged foreign powers. It all began on September 17 when the FBI issued a joint Bank Fraud Alert with the Financial Services Information Sharing and Analysis Center (FS-ISAC) and the Internet Crime Complaint Center.
The Bank Fraud Alert warned banks and financial institutions that hackers were using Distributed Denial of Service (DDoS) attacks to take down their consumer websites to distract both the consumers and bank cybersecurity while millions of dollars were fraudulently wired out of peoples’ accounts. The very next day, Bank of America was reported to have website problems and consumers were having trouble accessing the website and their bank accounts.
On September 19, J.P. Morgan Chase Bank was reported to have similar problems as their website went down and consumers could not access their bank accounts. That same day, FS-ISAC raised its Current Financial Services Cyber Threat Advisory from “elevated” to “high” for the first time in its history. A few days later on September 25, Wells Fargo suffered website outages followed by website problems for U.S. Bank and PNC Bank the next day.
A hacker group by the name of Izz ad-din Al qassam Cyber Fighters has been claiming responsibility for these DDoS attacks, but experts warn that it is more likely that an organization with far more money and capabilities is responsible for these attacks. Senator Joseph Lieberman, Chairman of the Homeland Security Committee, stated in a C-SPAN interview that he believed Iran’s government sponsored the cyber-attacks.
Now, the Washington Free Beacon reported on Sunday that alleged Chinese government hackers had breached a computer system associated with the White House Military Office. A White House official confirmed that hackers had breached an unclassified computer network, but emphasized that the network had no unclassified information and no data appeared to have been stolen.
Apparently, the breach was made possible by a spear phishing attack, which involves the use of a message that appears to be authentic and contains a file or link to be clicked on which then installs malicious software onto the computer. The Senate blocked the Cybersecurity Act of 2012 in August which was designed to help bolster cybersecurity in critical infrastructures in the United States, leaving the Obama administration to consider issuing an executive order to improve cybersecurity instead.
“First the Banks, Now the White House” was written by Sam Imandoust, Esq. He serves as a legal analyst for the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to and linking back to the ITRC_Blog.