US mulls retaliation as Iranian DDoS campaign continues
US banks ask for help, says report
Iran’s alleged relentless and at times massive DDoS campaign against US banks is starting to take its toll with several demanding government help to fend it off, it has been reported.
We should underline the word ‘alleged’ in that sentence but few experts privately doubt where the attacks, which started last September, originate. None will go on the record - yet.
As noted by Techword earlier this week, security management firms Prolexic and Arbor Networks have both reported huge, multi-pronged, real-time attacks on US banks in recent months, peaking as high as 75-80Gbps.
Related Articles on Techworld
That level of traffic makes them among the largest such sustained DDoS events ever recorded and inherently difficult and expensive to beat back. Numerous banks have reported problems, many of them affecting customers.
“The frequency, size and complexity has ramped up to the extent you could call it a cyberwar,” Prolexic CEO, Scott Hammack told Techworld.
According to The Wall Street Journal, bank officials have now asked the US Government to intervene, which is weighing up how to react.
Retaliation is mentioned as one option – “all options are on the table” one unamed official told the newspaper. In December, officials had convened a meeting to discuss the attacks.
If the US does fight back, hitting the proxies being used will be a non-starter; many of these are compromised hosts in other parts of the word and one or more steps away from Iran and its helpers.
If these servers were deactivated in cooperation with their owners, the attackers could just move to new ones.
Direct action against the country’s computer infrastructure would be the other option but carrying out a verifiable attack would mark a dangerous if long-predicted escalation into an official cyberwar with no clear rules of engagement.
As well as harbouring an obvious grudge against the US over crippling economic sanctions imposed on it, Iran might also feel the DDoS attacks are pay-back for cyberweapon attacks such as Stuxnet and Flame, now routinely attributed to the US and its allies as part of a campaign targeting its nuclear programme.
Iran has always denied involvment in the attacks on US banks
Iran is also believed to have been involved with – and victim of – a spate of attacks that plagued the Middle Eastern oil industry last summer.
Last March Iran was quietly but publically blamed for a short but nasty DDoS attack that targeted the BBC, overloading email and phone services as well as websites for a period of days.