Iran is a logical suspect in a barrage of cyberattacks that have hit major US and international banks in recent months.
The so-called distributed denial of service attacks (DDoS) – which make it hard to access websites that are being bombarded with requests from hacker-run computers – seem understandable for two reasons: They could be revenge for the computer viruses such as Stuxnet that destroyed more than 1,000 Iranian centrifuges in 2010 and other covert assaults on Iran’s nuclear program. They could also be a response to draconian US-led sanctions on Iranian banks that are making it difficult for Iran to conduct normal trade and especially to repatriate money from oil exports.
Cyber experts who have spoken to US officials say they are convinced that the culprit is a government and that that government is Iran’s. But neither the Treasury Department nor the White House would confirm this — just as the Barack Obama administration declines to comment on allegations about its own covert warfare against Iran’s nuclear activities.
Jason Healey, director of the Cyber Statecraft Initiative of the Atlantic Council, a Washington think tank, told Al-Monitor that “the attacks by Iran on the US finance sector have been one of the most serious cyber conflicts. The DDoS attacks have been far, far larger than any than have ever been seen, much more severe than any organization could easily defend itself against, like trying to channel a tsunami through a normal water pipe.”
Healey added that the US “government and banks have been very clear about the Iranian responsibility.
I absolutely believe them — people I deeply trust are quite convinced — but given the stakes they need to be more clear about why everyone else should believe them.”
Iranian officials deny responsibility for the attacks, which have hit the online sites of banks including Bank of America, Citigroup, Wells Fargo, PNC and BB&T.
"The Islamic Republic of Iran categorically denies the avalanche of baseless accusations that aim to tarnish Iran’s image in the international community,” said Alireza Miryousefi, the spokesman at the Iranian Mission to the United Nations.
“Unlike the United States, which has per reports in the media given itself the license to engage in illegal cyberwarfare against Iran, Iran respects the international law and refrains from targeting other nations' economic or financial institutions,” Miryousefi continued in an email to Al-Monitor. “The government of Iran has complained to the United Nations regarding the illegal cyberwarfare and other manifestations of unlawful hostility toward Iran, such as the murder of its nuclear scientists. Iran condemns any act of cyberwarfare that violates the sovereign rights of nations and targets the vital institutions serving ordinary people. The malicious false allegations against Iran are aimed at demonizing Iran and provide the excuse for further actions."
Healey said the cyberattacks against US banks began early in 2012 and that so far, they have not involved breaking into individual accounts or stealing money — another reason why experts believe that a government, not private hackers, is responsible.
Nevertheless, the attacks have led banks to spend millions of dollars on defensive and remedial measures, according to the Wall Street Journal, which also reported this week (Jan. 16) that US financial institutions are asking the Obama administration to do something to stop the onslaught.
What it can do is unclear, especially at a time when the US government is also urging Iran to agree to return to negotiations over its nuclear program and would seem to prefer a de-escalation in the long-running shadow war between the two countries.
According to the Wall Street Journal, the latest cyberattacks are particularly difficult to stop because “they are coming from computers that could have legitimate reasons to communicate with the banks” and “roughly half of those computers are overseas and out of the reach of US law enforcement.”
The issue of cyberwarfare is a growing concern for security experts given the growing sophistication and spread of computer viruses and the possibility that critical infrastructure could be compromised.
Healey wrote last year that Stuxnet — widely attributed to the US and Israel — was not in the US national interest even if it did set back the Iranian uranium enrichment program by a few months or perhaps a year.
After the virus accidently spread from Iranian computers and was discovered, according to Healey, “few in the world will ever believe the peaceful motives of the United States in cyberspace again, giving us even less leverage to ensure this new cyber dimension develops in a way encompassing America’s wider economic and security interests.”
A group calling itself the Martyr Izz ad-Din al-Qassam Cyber Fighters has taken responsibility for the cyberattacks on American banks. In a message posted on its website on Jan. 1, the group warned “officials of American banks must expect our massive attacks. … From now on, none of the US banks will be safe.”
Barbara Slavin is Washington correspondent for Al-Monitor and a senior fellow at the Atlantic Council, where she focuses on Iran. She tweets @BarbaraSlavin1.