
Mounting Fears of 'Cyber-Pearl-Harbor', Escalating Attacks on Banks

Stock-Markets / Cyber War Oct 23, 2012 - 10:18 AM GMT

By: DK_Matai


From Bank of America to HSBC and from JPMorgan Chase to Wells Fargo, a growing wave of cyber attacks has disrupted and crippled the customer-facing online presence of some of the biggest and most powerful high-profile Western financial institutions over the past several weeks. Ally Financial, BB&T, Capital One Financial, PNC Bank, Regions Financial, SunTrust Bank and US Bank have also been targeted. Customers trying to use the online systems of those banks after the latest digital attacks were denied access or faced long delays. Some of the digital attacks appear to have originated in Iran and Russia. Security experts now believe that multiple well-organised digital attackers, rather than a single attacker, are behind the events that caused day-long slowdowns and, at times, complete online outages at various top banks.

US Secretary of Defense Cautions Against Cyber-Pearl-Harbor

The US Secretary of Defense Leon Panetta has warned that the country could face a 'Cyber-Pearl-Harbor' in the near future and has drafted new rules which would enable the American military to move quickly to thwart any such attacks.  Panetta is also concerned that the “scale and speed” of the bank attacks is unprecedented.  The digital attacks have continued this week despite a warning from him that America has the ability to determine who is responsible.  Specifically, Panetta said, “Potential aggressors should be aware that the United States has the capacity to locate them and hold them accountable for actions that harm America or its interests” to business executives in New York. 

Panetta also said that Iran has “undertaken a concerted effort to use cyberspace to its advantage.” Panetta added that digital attacks emanating from foreign soils could paralyse the country's power grid, financial networks and transportation system, saying that a cyber attack had the potential to "paralyse and shock the nation and create a profound new sense of vulnerability." "If we detect an imminent threat of attack that will cause significant physical destruction in the United States or kill American citizens, we need to have the option to take action against those who would attack us, to defend this nation when directed by the president," Panetta said in the speech to top business executives in New York.

Panetta also added that the "Shamoon" virus which attacked Saudi Arabia's state oil company, Aramco, was probably the most destructive attack the business sector has seen to date.  The virus also struck a joint venture between the US oil firm ExxonMobil and state-controlled Qatar Petroleum.  Iran is suspected of taking revenge for US sanctions by targeting oil companies with cyber attacks, knocking out Saudi Arabia’s Aramco’s computers for two weeks.  A disruption to Saudi Arabia's oil exports could cause oil prices to spike from their already elevated prices and tip the fragile global economic recovery into recession.

Need for Emergency Board Meeting

If there ever was a time for any major organisation's board of directors to listen carefully to their Chief Information Officer (CIO) and Chief Information Security Officer (CISO), that time has now arrived. Call an emergency board meeting and please pay close attention to the advice of your CIO and CISO in regard to online security matters. Your online reputation, trust in your brand, customer confidence and share price may soon depend on the swiftness of your attention to this urgent matter. Companies have to be very aware of what’s going on in regard to this latest round of cyber attacks on banks of 100+ billion bytes per second, and they have to start thinking about a Plan B and Plan C beyond Plan A if financial chaos is manifest in the near future.

Why the Red Alert? Possible Flash Crash?

The mi2g Intelligence Unit (mIU) and the ATCA 5000 Research & Analysis Wing (A-RAW) have become concerned about the latest round of digital attacks because US and Western large capital financial institutions have some of the best network security defences of any industry. Sustained attacks could disrupt customer confidence in industries beyond banking and may have a much larger cascading fallout given that Systemically Important Financial Institutions -- SIFIs -- are also coming under sustained attack.  The latest campaign of digital attacks appears to have been near-100 percent effective, at least in bringing the targeted financial institutions some level of visible duress.  The attackers are adapting to the banks’ defences and becoming more sophisticated in their tactics with every passing week.  Is it plausible that the next flash crash which manifests in the global financial markets may be traced back to these swiftly escalating cyber attacks? 

Who Is Responsible? And Why?

A hacktivist group calling itself the "Izz ad-Din al-Qassam Cyber Fighters" took credit for the cyber attacks against banking giants in a Pastebin post, which has since been removed.  The group, perhaps Iranian, has claimed that it is protesting the presence of the anti-Islamic video 'Innocence of Muslims' on the Internet, which has helped spark outrage in the Middle East against the United States in particular and the West in general.  There is scepticism that fringe Islamist groups are sufficiently organised to mount these colossal digital attacks on their own without nation-state assistance.

Some of the attacks are apparently linked to hacktivists associated with Anonymous. In a Pastebin post, UK-based Fawkes Security took responsibility for some of the attacks.  "As some of you may be aware HSBC bank suffered several DDoS attacks on the named sites in the past hours they were all brought down by #FawkesSecurity," according to the post. "Before any claim [expletive] attempt to take ownership of this attack, the proof is all in our Twitter account, Targets, time and date :) @FawkesSecurity."

The source of some of the digital attacks, which are flooding the banking websites with so much traffic that they become unavailable, is still not fully known. United States authorities are used to cyber espionage from Russia and China, but have been surprised by the swift rise in Iran's digital warfare capability. Based on some limited data samples, some security experts suggest that the Iranian government may be behind the digital attacks against banks and oil companies, as opposed to fringe Islamists or hacktivists. However, further definitive evidence is still needed. There’s no technical problem in forensically figuring out who did what. The problem that remains is whether one can visit China, Russia or Iran and actually carry out the inspection of their equipment to know what’s really going on.

Why Is 100+ Billion Bytes per Second So Powerful?

There is no denying that the latest round of Distributed Denial of Service -- DDoS -- digital attacks is extremely powerful and unprecedented at 100+ billion bytes, or 100+ Gigabytes, per second. The leading DDoS prevention software more or less stops working when the digital attacks get larger than 60-70 Gigabytes per second and simply can't handle the bandwidth of these 100+ Gigabyte per second attacks. The major ISPs have only a few hundred Gigabytes per second of bandwidth for all their customers, and even if they add more on to that, the hacktivists could quickly and easily overwhelm any additionally allocated bandwidth.

This is an unprecedented escalation because the commercial servers that have been deployed in carrying out the digital attacks have not previously been utilised on such a large scale to deliver 100+ Gigabytes per second attacks.  Along with using commercial servers, digital attackers are overloading bank websites with queries, such as requests to find branch locations, and sending encrypted data packets that bypass traditional defences and intrusion-detection systems.

DDoS attacks that are causing havoc are being launched from just 3,000+ compromised endpoints distributed around the world, all lobbing payloads of multiple megabytes per second that together add up to 100+ Gigabytes per second of a digital cacophony blasting into the banks through their digital plumbing. DDoS attacks have nearly doubled in frequency and tripled in size during the past year. The transition from digital attacks using botnets made up of low-bandwidth home computers to high-bandwidth corporate servers has definitely played a role in increasing the average attack bandwidth significantly. Ahead of the massive digital attacks, reconnaissance, probing and scanning of the banking websites is routinely taking place to evaluate their effectiveness and to see if they have certain attributes in place.

What Are the Attacks' Objectives?

The sole purpose of the attacks appears to be to disrupt banking customers' ability to access their funds.  The goal of the digital attacks appears neither to have been to steal money, nor to steal personal identity, nor to take information or intellectual property from the financial institutions themselves, but actually to prevent banking customers from doing things that they like to do online from a convenience standpoint. 

Who Is Winning?

Senior officials at some of the banks that have been targeted said that the large scale attacks stopped the day when the perpetrators issued a stop command to the network of computers they had commandeered. The assault stopped because the attackers quit or moved on to other banks, not because the banking groups defeated the attacks.

Firewalls Don't Work

Firewalls can no longer block these sophisticated digital attacks.  In the case of some of the banks, excessive traffic was coming in at a rate of 100+ Gigabytes per second, totally overwhelming the infrastructure.  DDoS and other advanced attacks can't be solved by opening up more bandwidth. The problem is that firewalls, Intrusion Prevention Systems (IPS) and other infrastructure aren't designed to deal with volumetric attacks and they simply freeze up.

What’s the Solution?

Networks need a new "first line of defence" at the perimeter.  The solution may lie in a new type of hardware device designed to sit in front of the firewall.  Its purpose may be to pre-evaluate all traffic and remove unwanted "digital noise" before it can get to the firewall, the IPS, and other points in the infrastructure.  When the nefarious traffic is eliminated, these other devices can do the jobs they are intended to do.  The new hardware device may need to systematically deploy several steps to move successively deeper into the protocol stack to inspect the packets more closely in order to counter more complex issues than any firewall alone may be able to mitigate:

Step 1:  Utilise real-time reputation updates, current geo-location information and real-time threat detection to evaluate inbound traffic. For example, if packets are originating from a country where the network owner doesn't do business -- say China, Russia or Iran -- then the traffic ought to be blocked. 

Step 2:  Limit the frequency rates of self-similar traffic coming into the network from the same source. This would take care of repeated requests for specific pages originating from the same digital location.

Step 3:  Analyse the behaviour of the digital traffic and toss out packets that violate protocol and application usage standards.  Also, look for questionable outbound traffic not conforming to policies and/or standards.

Step 4:  Look for known security issues in the digital traffic. This includes:

a. buffer overflows;
b. injections and brute-force password attacks;
c. random malware and exploits in the payloads; and
d. advanced evasion techniques such as fragmentation and segmentation that can be used to hide attacks.

By the time traffic has gone through all these extra layers of inspection, it may be sufficiently clean to continue to the second line of defence -- the firewall and the Intrusion Prevention System (IPS). 
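
The four steps above, sketched as an added Python example that is not from the article or from any product. It works on parsed request records rather than raw packets, and every address, country code, threshold and signature string in it is a constructed assumption.

```python
from collections import Counter, defaultdict, deque
from dataclasses import dataclass

@dataclass
class Request:                      # one parsed inbound request (constructed model)
    ts: float                       # arrival time in seconds
    src: str                        # source address
    country: str                    # geo-location result, assumed supplied upstream
    method: str
    path: str
    body: str = ""

# All values below are illustrative assumptions, not a real feed or rule set.
BLOCKED_COUNTRIES = {"XX"}          # placeholder for regions the owner does no business in
BAD_REPUTATION = {"203.0.113.7"}    # constructed reputation entry (documentation range)
ALLOWED_METHODS = {"GET", "HEAD", "POST"}
MAX_PATH_LEN = 2048
RATE_LIMIT, RATE_WINDOW = 5, 1.0    # accepted identical requests per source per second
SIGNATURES = ("' or '1'='1", "<script", "../")

class PerimeterFilter:
    def __init__(self):
        self._recent = defaultdict(deque)   # (src, path) -> accepted timestamps

    def step1_reputation_geo(self, r):
        return r.src not in BAD_REPUTATION and r.country not in BLOCKED_COUNTRIES

    def step2_rate_limit(self, r):
        q = self._recent[(r.src, r.path)]
        while q and r.ts - q[0] >= RATE_WINDOW:   # expire entries outside the window
            q.popleft()
        if len(q) >= RATE_LIMIT:
            return False
        q.append(r.ts)
        return True

    def step3_protocol(self, r):
        return (r.method in ALLOWED_METHODS and r.path.startswith("/")
                and len(r.path) <= MAX_PATH_LEN and "\x00" not in r.path)

    def step4_signatures(self, r):
        blob = f"{r.path} {r.body}".lower()
        return not any(sig in blob for sig in SIGNATURES)

    def evaluate(self, r):
        """Return 'pass', or the name of the first stage that drops the request."""
        stages = (("step1", self.step1_reputation_geo), ("step2", self.step2_rate_limit),
                  ("step3", self.step3_protocol), ("step4", self.step4_signatures))
        return next((name for name, ok in stages if not ok(r)), "pass")

def run_sample():
    """Run constructed traffic through the filter and count verdicts."""
    flood = [Request(i * 0.1, "198.51.100.10", "GB", "GET", "/branch-locator")
             for i in range(8)]                       # 8 identical hits in 0.7 s
    others = [
        Request(0.2, "203.0.113.7", "GB", "GET", "/"),              # bad reputation
        Request(0.3, "198.51.100.11", "XX", "GET", "/"),            # blocked region
        Request(0.4, "198.51.100.30", "US", "TRACE", "/"),          # disallowed method
        Request(0.5, "198.51.100.20", "US", "POST", "/login", "user=a' OR '1'='1"),
        Request(0.6, "198.51.100.40", "US", "GET", "/accounts"),    # ordinary request
        Request(2.0, "198.51.100.10", "GB", "GET", "/branch-locator"),  # after window
    ]
    f = PerimeterFilter()
    return Counter(f.evaluate(r) for r in sorted(flood + others, key=lambda r: r.ts))

if __name__ == "__main__":
    print(dict(run_sample()))
```

The stages run cheapest first, so a flood of repeated branch-locator queries is discarded by the address and rate checks before any payload is inspected.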

Of course, rapid identification and takedown of the offending endpoints conducting the DDoS attacks would be ideal. This ought to be possible as long as there is co-ordination and strong cooperation across countries and internet service providers.  This is not a small feat.  In the meantime, don’t hold your breath waiting for that to happen. Instead, evolve your "first line of defence", evolve multiple online banking relationships, alert your board of directors and get talking to your CIO and CISO straightaway!

We will shortly be conducting two face-to-face roundtables on this subject and if you would like to attend please let us know.

What are your thoughts, observations and views? We are hosting an Expert roundtable on this issue at ATCA 24/7 on Yammer.

By DK Matai

Asymmetric Threats Contingency Alliance (ATCA) & The Philanthropia


ATCA: The Asymmetric Threats Contingency Alliance is a philanthropic expert initiative founded in 2001 to resolve complex global challenges through collective Socratic dialogue and joint executive action to build a wisdom based global economy. Adhering to the doctrine of non-violence, ATCA addresses asymmetric threats and social opportunities arising from climate chaos and the environment; radical poverty and microfinance; geo-politics and energy; organised crime & extremism; advanced technologies -- bio, info, nano, robo & AI; demographic skews and resource shortages; pandemics; financial systems and systemic risk; as well as transhumanism and ethics. Present membership of ATCA is by invitation only and has over 5,000 distinguished members from over 120 countries: including 1,000 Parliamentarians; 1,500 Chairmen and CEOs of corporations; 1,000 Heads of NGOs; 750 Directors at Academic Centres of Excellence; 500 Inventors and Original thinkers; as well as 250 Editors-in-Chief of major media.

The Philanthropia, founded in 2005, brings together over 1,000 leading individual and private philanthropists, family offices, foundations, private banks, non-governmental organisations and specialist advisors to address complex global challenges such as countering climate chaos, reducing radical poverty and developing global leadership for the younger generation through the appliance of science and technology, leveraging acumen and finance, as well as encouraging collaboration with a strong commitment to ethics. Philanthropia emphasises multi-faith spiritual values: introspection, healthy living and ecology. Philanthropia Targets: Countering climate chaos and carbon neutrality; Eliminating radical poverty -- through micro-credit schemes, empowerment of women and more responsible capitalism; Leadership for the Younger Generation; and Corporate and social responsibility.

© 2012 Copyright DK Matai - All Rights Reserved Disclaimer: The above is a matter of opinion provided for general information purposes only and is not intended as investment advice. Information and analysis above are derived from sources and utilising methods believed to be reliable, but we cannot accept responsibility for any losses you may incur as a result of this analysis. Individuals should consult with their personal financial advisors.

© 2005-2019 - The Market Oracle is a FREE Daily Financial Markets Analysis & Forecasting online publication.
