NBC News recently reported, and U.S. national security officials and other experts have confirmed, recent cyber attacks on Bank of America and JPMorgan Chase were actually carried out by the Iranian government in retaliation for U.S. sanctions on Iranian banks.
The attack on Bank of America’s consumer banking Web site caused the Web site to be unavailable to some customers over a period of days. And, while JPMorgan Chase had similar problems with its consumer site, Chase refused to directly blame those difficulties on a denial-of-service attack.
Warnings of impending attacks have come from several quarters. According to NBC News, Iranian cyber attacks have been the subject of interest by U.S. intelligence for weeks. J-2, the Joint Chiefs of Staff’s Intelligence Directorate, confirmed that Iran was conducting cyberattacks against U.S. financial institutions in a report described as “highly classified.”
The Financial Services Information Sharing and Analysis Center, a forum for collaboration on critical security threats facing the financial services sector warned U.S. banks, brokerages and insurers to be on heightened alert for cyber attack and raised its cyberthreat level from “elevated” to “high.”
A Special Assistant to the President for Homeland Security under George W. Bush, Frank Cilluffo, is an associate vice president at George Washington University who heads up the Homeland Security Policy Institute. Cilluffo testified before the House of Representatives’ Committee on Homeland Security, that “the government of Iran and its terrorist proxies are serious concerns in the cyber context. What Iran may lack in capability, it makes up for in intent. They do not need highly sophisticated capabilities—just intent and cash—as there exists an arms bazaar of cyberweapons, allowing Iran to buy or rent the tools they need or seek.”