If you haven't yet been the victim of a cybersecurity attack, you might be soon, depending on what bank you use.
Computer security firm McAfee issued a report yesterday (Thursday) alleging a "massive cyberattack" was being planned for next spring.
According to CNNMoney, a gang of criminals headed by a Russian cyber mafia chief known as NSD had developed a powerful "Trojan Horse" program designed to take money out of victims' bank accounts and channel it into their own.
The plan, called "Project Blitzkrieg," was aimed at 30 U.S. financial institutions, including online payment company PayPal, and was based on a malware program that would clone an account holder's computer to make it look like the accounts were being accessed from the owner's home computer, avoiding security questions that would deny the criminals access to the accounts. The idea was to then access thousands of accounts simultaneously to take out small amounts of cash from each one that would total millions of dollars.
Project Blitzkrieg first came to light when notices were posted on hacker Websites looking for hackers to join the group planning the attack. They offered a share of the loot for service.
Once the plan was discovered, it seems to have "gone dark."
It is impossible to know whether Project Blitzkrieg has been cancelled or is proceeding under much tighter security, but security companies, including McAfee, have been working with banks to bolster their security.
The Latest Cybersecurity Threat
In September, an Iranian hacker group calling itself Cyber Fighters of Izz ad-Din al-Qassam announced it would launch a "distributed denial of service" (DDoS) attack on major U.S. banks.
Even though the group had announced the attack in advance, major banks, including Bank of America Corp. (NYSE: BAC), US Bancorp (NYSE: USB) and PNC Financial Services (NYSE: PNC), found their Websites flooded with junk data, preventing their customers from accessing their accounts and conducting business. Some banks were unable to use their Websites for a few hours; others, for an entire day.
The Cyber Fighters announced new attacks to take place this week.
Although it has not been proven, it is thought that the Cyber Fighters of Izz ad-Din al-Qassam are sponsored by the government of Iran.
Late last month, Arbor Networks, a network security company, warned of an "Armageddon attack" in which the amount of data used in a DDoS attack could "not only overwhelm the end victim but also all the Internet providers in between," Carlos Morales, VP for global sales engineering and operations, told InformationWeek Security.
"What's alarming is that even though the attackers announced the exact date and time that they would be launching their attacks, as well as their targets, the targeted financial institutions were unable to prevent their websites from being disrupted," InformationWeek Security wrote, referring to the denial of service attacks on U.S. banks in September.
"Bank officials and DDoS experts have both said that the sheer scale of the attacks was to blame. Attackers had apparently compromised servers – most likely at service providers – that were able to support high-bandwidth attacks. Together with blended attack techniques, attackers overwhelmed every one of their targets."
It has become progressively easier to launch massive DDoS attacks using either compromised high-bandwidth servers or botnets – millions of "zombie" PCs that have been infected with malware so that they respond to commands from a remote hacker.
"The attack volumes theoretically now available would make it possible for attackers to disrupt not just their targets, but every service provider in between," InformationWeek Security wrote.
"Service providers have a lot of bandwidth throughout their network, but there are limits to how much traffic they can handle," Morales told InformationWeek Security. "Attacks of that magnitude described would have profound effect on the Internet as a whole, exploiting bottlenecks in many places simultaneously. No single service provider, even the largest tier ones, would be able to handle all this traffic without adversely affecting their user base."
This has the government worried.
Cybersecurity in 2013
U.S. Secretary of Defense Leon Panetta has said publicly that he is concerned that not only banks but critical American infrastructure is vulnerable to this type of massive DDoS attack.
Fortunately, September's DDoS attacks on American banks failed to disrupt the banks' shared infrastructure.
John M. "Mike" McConnell, the former U.S. director of national intelligence and current vice chairman of Booz Allen Hamilton, told the Bloomberg Link Enterprise Risk Conference, "If the DDoS broke into the clearing banks and froze their systems, the global financial markets would freeze," which could cause financial panic, such as a run on banks and wild swings in the financial markets.
In an interview with the Financial Times on Dec. 2, McConnell said, "We have had our 9/11 warning. Are we going to wait for the cyber equivalent of the collapse of the World Trade Centers?" McConnell continued, "All of a sudden, the power doesn't work, there's no way you can get money, you can't get out of town, you can't get online, and banking, as a function to make the world work, starts to not be reliable. Now, that is a cyber Pearl Harbor, and it is achievable."
Related Articles and News:
- Money Morning:
Cybersecurity Companies Gear Up for Huge Role in 2013
- Financial Times:
Former US spy chief warns on cybersecurity
Massive bank cyberattack planned
- Bloomberg Businessweek:
Threatened Cyber Attack on Banks 'Credible,' McAfee Says
- Wall Street & Technology:
Can Banks Prevent the Next Cyber Attack?
- InformationWeek Security:
Bank DDoS Strikes Could Presage Armageddon Attacks