Skip to main content

US Withholds Evidence for Iran Cyberattacks

Computer experts say they believe Iran is responsible for a barrage of attacks on the websites of US banks but that the Obama administration should reveal how it knows this and acknowledge responsibility for its own cyberattacks on Iran.
John Bumgarner, a cyber warfare expert who is chief technology officer of the U.S. Cyber Consequences Unit, a non-profit group that studies the impact of cyber threats, works on his laptop computer during a portrait session in Charlotte, North Carolina December 1, 2011. A cyber warfare expert claims he has linked the Stuxnet computer virus that attacked Iran's nuclear program in 2010 to Conficker, a mysterious worm that surfaced in late 2008 and infected millions of PCs. Conficker was used to open back door

Iran is a logical suspect in a barrage of cyberattacks that have hit major US and international banks in recent months.

The so-called distributed denial of service attacks (DDoS) – which make it hard to access websites that are being bombarded with requests from hacker-run computers – seem understandable for two reasons: They could be revenge for the computer viruses such as Stuxnet that destroyed more than 1,000 Iranian centrifuges in 2010 and other covert assaults on Iran’s nuclear program. They could also be a response to draconian US-led sanctions on Iranian banks that are making it difficult for Iran to conduct normal trade and especially to repatriate money from oil exports.

Cyber experts who have spoken to US officials say they are convinced that the culprit is a government  and that that government is Iran’s. But neither the Treasury Department nor the White House would confirm this — just as the Barack Obama administration declines to comment on allegations about its own covert warfare against Iran’s nuclear activities.

Jason Healey, director of the Cyber Statecraft Initiative of the Atlantic Council, a Washington think tank, told Al-Monitor that “the attacks by Iran on the US finance sector have been one of the most serious cyber conflicts. The DDoS attacks have been far, far larger than any than have ever been seen, much more severe than any organization could easily defend itself against, like trying to channel a tsunami through a normal water pipe.”

Healey added that the US “government and banks have been very clear about the Iranian responsibility.

I absolutely believe them — people I deeply trust are quite convinced — but given the stakes they need to be more clear about why everyone else should believe them.”

Iranian officials deny responsibility for the attacks, which have hit the online sites of banks including Bank of America, Citigroup, Wells Fargo, PNC and BB&T.

"The Islamic Republic of Iran categorically denies the avalanche of baseless accusations that aim to tarnish Iran’s image in the international community,” said Alireza Miryousefi, the spokesman at the Iranian Mission to the United Nations.

“Unlike the United States, which has per reports in the media given itself the license to engage in illegal cyberwarfare against Iran, Iran respects the international law and refrains from targeting other nations' economic or financial institutions,” Miryousefi continued in an email to Al-Monitor. “The government of Iran has complained to the United Nations regarding the illegal cyberwarfare and other manifestations of unlawful hostility toward Iran, such as the murder of its nuclear scientists. Iran condemns any act of cyberwarfare that violates the sovereign rights of nations and targets the vital institutions serving ordinary people. The malicious false allegations against Iran are aimed at demonizing Iran and provide the excuse for further actions."

Healey said the cyberattacks against US banks began early in 2012 and that so far, they have not involved breaking into individual accounts or stealing money — another reason why experts believe that a government, not private hackers, is responsible. 

Nevertheless, the attacks have led banks to spend millions of dollars on defensive and remedial measures, according to the Wall Street Journal, which also reported this week (Jan. 16) that US financial institutions are asking the Obama administration to do something to stop the onslaught.

What it can do is unclear, especially at a time when the US government is also urging Iran to agree to return to negotiations  over its nuclear program and would seem to prefer a de-escalation in the long-running shadow war between the two countries.

According to the Wall Street Journal, the latest cyberattacks are particularly difficult to stop because “they are coming from computers that could have legitimate reasons to communicate with the banks” and “roughly half of those computers are overseas and out of the reach of US law enforcement.”

The issue of cyberwarfare is a growing concern for security experts given the growing sophistication and spread of computer viruses and the possibility that critical infrastructure could be compromised.

Healey wrote last year that Stuxnet — widely attributed to the US and Israel — was not in the US national interest even if it did set back the Iranian uranium enrichment program by a few months or perhaps a year.

After the virus accidently spread from Iranian computers and was discovered, according to Healey, “few in the world will ever believe the peaceful motives of the United States in cyberspace again, giving us even less leverage to ensure this new cyber dimension develops in a way encompassing America’s wider economic and security interests.”

A group calling itself the Martyr Izz ad-Din al-Qassam Cyber Fighters has taken responsibility for the cyberattacks on American banks. In a message posted on its website on Jan. 1, the group warned “officials of American banks must expect our massive attacks. … From now on, none of the US banks will be safe.”

Barbara Slavin is Washington correspondent for Al-Monitor and a senior fellow at the Atlantic Council, where she focuses on Iran. She tweets @BarbaraSlavin1.

Join hundreds of Middle East professionals with Al-Monitor PRO.

Business and policy professionals use PRO to monitor the regional economy and improve their reports, memos and presentations. Try it for free and cancel anytime.

Already a Member? Sign in


The Middle East's Best Newsletters

Join over 50,000 readers who access our journalists dedicated newsletters, covering the top political, security, business and tech issues across the region each week.
Delivered straight to your inbox.


What's included:
Our Expertise

Free newsletters available:

  • The Takeaway & Week in Review
  • Middle East Minute (AM)
  • Daily Briefing (PM)
  • Business & Tech Briefing
  • Security Briefing
  • Gulf Briefing
  • Israel Briefing
  • Palestine Briefing
  • Turkey Briefing
  • Iraq Briefing

Premium Membership

Join the Middle East's most notable experts for premium memos, trend reports, live video Q&A, and intimate in-person events, each detailing exclusive insights on business and geopolitical trends shaping the region.

$25.00 / month
billed annually

Become Member Start with 1-week free trial
What's included:
Our Expertise AI-driven

Memos - premium analytical writing: actionable insights on markets and geopolitics.

Live Video Q&A - Hear from our top journalists and regional experts.

Special Events - Intimate in-person events with business & political VIPs.

Trend Reports - Deep dive analysis on market updates.

All premium Industry Newsletters - Monitor the Middle East's most important industries. Prioritize your target industries for weekly review:

  • Capital Markets & Private Equity
  • Venture Capital & Startups
  • Green Energy
  • Supply Chain
  • Sustainable Development
  • Leading Edge Technology
  • Oil & Gas
  • Real Estate & Construction
  • Banking

We also offer team plans. Please send an email to and we'll onboard your team.

Already a Member? Sign in

Start your PRO membership today.

Join the Middle East's top business and policy professionals to access exclusive PRO insights today.

Join Al-Monitor PRO Start with 1-week free trial