ShareThis Page

House Intelligence Committee chairman blames Iran for bank cyber attacks

| Wednesday, Feb. 13, 2013, 11:24 p.m.
Rep. C.A. “Dutch” Ruppersberger, D-Maryland, the ranking member on the House Intelligence Committee, speaking with John Engler, president of the Business Roundtable and former Michigan governor, and Paul Smocer, president of BITS, the technology policy division of The Financial Services Roundtable. Andrew Conte | Pittsburgh Tribune-Review

WASHINGTON — The chairman of the House Intelligence Committee told the Tribune-Review on Wednesday that he is 99.9 percent confident Iran initiated recent cyber attacks on PNC and other major banks and that it clearly has the capability and desire to trigger more destructive assaults.

Rep. Mike Rogers, R-Mich., said Iran likely attacked computers at American banks to look for weaknesses to exploit.

“They're eager and ready to ramp up their actions here in the United States,” Rogers said. “Here's a country that's feeling isolated. Sanctions are hurting badly. … This is not a country that's going to make a rational decision about attacks of this nature.”

In “Cyber Rattling: The Next Threat,” a series of stories on cyber security that began Sunday, experts told the Trib that the bank attacks are part of a global war over information that could quickly escalate with destructive, and perhaps even deadly, computer attacks. Adversaries who might want to cause damage quickly are gaining more sophisticated capabilities, experts warned.

Rogers talked with the Trib after speaking about computer security concerns to about 150 people at the Center for Strategic and International Studies. Rep. C.A. “Dutch” Ruppersberger, D-Md., the ranking member on the House Intelligence Committee, warned that attacks might try to wipe out bank accounts or shut down critical infrastructure, such as power grids.

Lawmakers from both parties reintroduced legislation on Wednesday that they said would help the government and the private sector work together to prevent computer attacks and better respond when they occur. The Intelligence Committee is holding a hearing Thursday on the proposed legislation. (See related story from hearing.)

A similar bill failed last year over business concerns about government overreach. That led President Obama to announce during his State of the Union address on Tuesday that he signed an executive order on cyber security that calls for a cooperative government-business effort to protect computer systems.

A PNC Financial Services Group Inc. spokeswoman declined to speculate on the source of the sporadic attacks since September on its systems. CEO Jim Rohr has said he believes Iran was behind the “denial of service” attacks, which prevented some customers from accessing online accounts.

Iran has denied any involvement.

Foreign countries are actively spying on U.S. companies and stealing trade secrets, Ruppersberger said. Over the past year, he said, the number and sophistication of attacks by foreign countries, criminals and activists have “gotten a lot worse.”

“These cyber attacks are everywhere, attacking our businesses,” Ruppersberger said. “What worries us is a destructive attack.”

The new legislation would go further than Obama's executive order directing federal agencies to share information with private businesses and to produce strategies for thwarting attacks on key industries such as energy, transportation and banking.

The bill would increase the ability of the government and private businesses to communicate about threats and active attacks. It would give companies protection from lawsuits and antitrust violations for reporting dangerous activity and talking among each other.

Ruppersberger tried to tamp concerns about privacy, saying companies could report information only about computer and national security threats, child pornography, danger to children and imminent attacks such as a murder plot.

Both lawmakers said the federal government needs to do a better job of educating Americans about computer dangers and steps they can take to reduce them, such as updating firewall protections and ignoring email scams.

“We are in a cyber war,” Rogers told the audience. “Most Americans don't know it. Most folks in the world probably don't know it. And at this point, we're losing.”

Andrew Conte is a reporter for Total Trib Media. He can be reached at 412-320-7835 or

TribLIVE commenting policy

You are solely responsible for your comments and by using you agree to our Terms of Service.

We moderate comments. Our goal is to provide substantive commentary for a general readership. By screening submissions, we provide a space where readers can share intelligent and informed commentary that enhances the quality of our news and information.

While most comments will be posted if they are on-topic and not abusive, moderating decisions are subjective. We will make them as carefully and consistently as we can. Because of the volume of reader comments, we cannot review individual moderation decisions with readers.

We value thoughtful comments representing a range of views that make their point quickly and politely. We make an effort to protect discussions from repeated comments either by the same reader or different readers

We follow the same standards for taste as the daily newspaper. A few things we won't tolerate: personal attacks, obscenity, vulgarity, profanity (including expletives and letters followed by dashes), commercial promotion, impersonations, incoherence, proselytizing and SHOUTING. Don't include URLs to Web sites.

We do not edit comments. They are either approved or deleted. We reserve the right to edit a comment that is quoted or excerpted in an article. In this case, we may fix spelling and punctuation.

We welcome strong opinions and criticism of our work, but we don't want comments to become bogged down with discussions of our policies and we will moderate accordingly.

We appreciate it when readers and people quoted in articles or blog posts point out errors of fact or emphasis and will investigate all assertions. But these suggestions should be sent via e-mail. To avoid distracting other readers, we won't publish comments that suggest a correction. Instead, corrections will be made in a blog post or in an article.