Hacking group says it has suspended cyberattacks on banks

| Tuesday, Jan. 29, 2013, 10:38 a.m.

A computer hacking group that crippled access to more than two dozen banking websites for four months claimed a victory on Tuesday when an anti-Muslim video was removed from YouTube.

But the al-Qassam Cyber Fighters group, which many Internet experts and government officials believe is a front for the Iranian government, likely would have given up its battle because many financial institutions, including Downtown-based PNC Bank, improved their defenses, said Dave Aitel, CEO of Immunity Inc., a Miami Internet security firm.

“The bigger banks are just going to put money on it, and the problem will go away,” Aitel said. “The question the Iranians are asking themselves is: ‘Can this kind of disruption make a difference?' ”

The Cyber Fighters began the distributed denial-of-service attacks in September, claiming in statements posted to an Internet message board that the assault would continue until a YouTube video mocking the Islamic Prophet Muhammad came down.

A link to the YouTube video, which the group said had received 17.1 million views, said that it was “removed by the user.”

“The al-Qassam cyber fighters lauds this positive measure of YouTube and on this basis suspends his operation and plans to give a time to Google and U.S. government to remove the other copies of film as well,” the group said on the message board, Pastebin.com. “During the suspension of Operation Ababil, no attack to banks would take place by al-Qassam cyber fighters.”

Neither YouTube officials nor Google Inc., which owns the video-sharing website, could be reached for comment.

Distributed denial-of-service attacks flood a website with traffic, which overwhelms the site and makes it inaccessible to legitimate users.

Since September, the assault hit more than two dozen banks, including PNC Bank , Citizens Bank , Fifth Third Bank and Huntington Bank in the Pittsburgh region.

Initially the attacks focused on many of the largest U.S. banks, such as Bank of America, Citibank, Wells Fargo, J.P. Morgan Chase, PNC, U.S. Bancorp, HSBC, Capital One and Ally Financial.

PNC's website became inaccessible for two consecutive days in September in the first round of attacks. CEO James Rohr told CNBC during an October interview that the attackers “pummeled” PNC. A second round of attacks started in early December and caused intermittent outages over several weeks at PNC.

In recent weeks, even as the Cyber Fighters claimed to continue attacks on PNC and other banks, website problems became less frequent.

PNC spokeswoman Marcey Zwiebel said PNC's website was functioning normally but declined to comment further.

As problems on national bank websites tapered, the Cyber Fighters started attacks on regional banks, such as Huntington Bank, Zions Bank, Regions Financial, Fifth Third, UMB Bank and Citizens Bank.

Citizens notified customers by email last week that it was experiencing problems.

“Our website has experienced temporary disruptions due to an unusually high volume of Internet traffic, similar to disruptions that recently have impacted other U.S. banks,” Citizens' said in an email on Friday. “This excessive traffic, commonly known as a distributed denial-of-service, prevents our customers from accessing our online and mobile banking services.”

Citizens spokeswoman Sylvia Bronner declined to comment.

Several banks, including PNC, had asked the government to intervene to stop the attacks, the Wall Street Journal reported. The Iranian government denied involvement in the attacks.

Aitel, the Internet security expert, said the attackers likely faced a dilemma: Keep starting fruitless attacks on large banks, which are spending about $1 million a month on more server capacity and other technology to successfully defend against them, or target smaller banks with fewer customers to inconvenience.

“That question got answered one way or another,” he said.

Alex Nixon is a staff writer for Trib Total Media. He can be reached at 412-320-7928 or anixon@tribweb.com.

Subscribe today! Click here for our subscription offers.


Show commenting policy