Hackers vow to continue bank attacks
A computer hacking group that has claimed responsibility for cyberattacks on PNC Bank vowed on Tuesday to continue trying to shut down American banking websites for at least the next six months.
As the assault on PNC's website enters its fifth week, the Downtown-based bank appears to have been mostly successful in countering the attacks that try to cut access for online banking customers by overwhelming a website with traffic.
“We continue to see unusual activity, but the vast majority of our customers have no disruption to their service,” PNC spokeswoman Marcey Zwiebel said.
The attacks by a hacking group calling itself Martyr Izz ad-Din al-Qassam Cyber Fighters started Dec. 11 and have been intermittent in recent weeks. However, PNC's response also inadvertently blocked access for some of its legitimate customers, according to an apology the bank emailed to about 5 million customers last week.
In addition to an internal response to the attacks, PNC has informed “the appropriate authorities,” Zwiebel said. She declined to be more specific about the bank's interaction with law enforcement.
A spokesman for The White House, which has started the National Comprehensive Cybersecurity Initiative to combat hacking and other cybercrime, would not comment on the record.
Department of Homeland Security officials declined to answer specific questions about the attacks on PNC and other banks. But in an emailed statement, the department said it is involved in protecting “critical infrastructure and cyberspace against growing and evolving threats.”
“When called upon, the Department of Homeland Security collaborates with public and private sector partners, including the banking industry, to respond to and coordinate mitigation in the case of disruptions to the nation's critical cyber and communications networks and to reduce impacts on critical infrastructure.”
The computer hacking group said in a Tuesday post on an Internet message board it will continue the attacks for 169 days as retribution for an online anti-Islam video that the group has asked be removed from the Internet.
But the message, which includes an equation that purports to calculate the 169-day sentence based on the number of views the video has received, also states the attacks could continue for 56 weeks or 14 months. Read the full message at http://pastebin.com/MHLFTk2G.
“Al-Qassam CF's Jury has voted that USA must pay fines for his evil act based on number of views counted over movie,” the Pastebin.com message said.
“Cyber-attacks of al-Qassam C.F. in recent weeks showed that despite the high cost of U.S. banks to deal with these attacks, the attacks cannot go under control and are unstoppable,” the message states. “Dissatisfaction of customers of the banking services is increasing, but, by contrast, the banks responsibility about the disruptions of their activities is reducing day by day.”
The group has claimed responsibility for two days of denial-of-service attacks that crippled PNC's website in September.
Despite claims that the attacks are retaliation for the video, “Innocence of Muslims,” some Internet security experts have cast doubt on the motive.
The Cyber Fighters group has been launching attacks on U.S. banks since early 2012, well before the release of the video, an expert has told the Tribune-Review.
Denial-of-service attacks are often used in conjunction with attempts by hackers to get inside a bank's computer network, said Mike Saylor, executive director of the Cyber Defense Labs at the University of Texas at Dallas. Saylor could not comment directly on the recent cyberattacks on banks, but Cyber Defense Labs works with federal authorities to research and track hacking groups.
Computer hackers “like to succeed; they like to brag,” Saylor said. A denial-of-service attack could be in response to failing to penetrate a bank's security.
A hacker might respond: “If I can't hack you I'm going to shut you down,” he said.
But the attack could also be part of a more sophisticated assault to breach a website's security, he said. Systems need to be rebooted after an attack, which could leave some parts of the website open to attack.
“A vulnerability may exist during startup,” he said.
PNC officials have said that no customer financial or personal information has been compromised. CEO James Rohr, in an interview on CNBC in October, suggested that denial-of-service attacks could be part of a more sinister plot to steal financial information.
“The stated goal was to disrupt the systems,” Rohr said of the September attacks. “But if you're really kind of paranoid about it, it's to test where the vulnerabilities are so you can come back with another attack.”
Alex Nixon is a staff writer for Trib Total Media. He can be reached at 412-320-7928 or firstname.lastname@example.org.