The latest waves of cyberattacks against U.S. banks like the one that stalled Wells Fargos website for part of Tuesday afternoon appear to be growing larger and more sophisticated, industry experts say.
The denial of service attacks, which flood a banks website with traffic to lock out legitimate customers, now tend to target more banks over the course of a day or week. They also may change their tactics hour by hour, making it harder for banks to get their sites back up.
Banks have said little publicly about the attacks, beyond assuring customers that their data are safe. But companies that specialize in bank security say banks are investing more heavily in systems aimed at preventing them.
This is the longest cyberattack on an industry sector that weve ever experienced on the face of the earth, said Carl Herberger, vice president of security solutions at Radware, which works with banks and other companies on security.
No longer are these attacks being shrugged off by any of the commercial banks. People understand its really serious.
Charlotte-based Bank of America has disclosed in regulatory filings that its been the victim of cyberattacks, and its website has periodically malfunctioned during times when the attacks were frequent.
Before this week, Wells had been the victim of apparent attacks in September and December, according to news accounts. Asked about Tuesdays website slowdown, a Wells spokesman said the bank believes it experienced a denial of service attack, and that customer information is safe.
Winston-Salems BB&T also has said its been subject to denial of service attacks. PNC Bank, JPMorgan Chase, Citigroup, Regions and SunTrust also have been targeted, according to Bank Info Security, a trade publication that tracks the issue.
The attacks against U.S. banks have come in periodic waves since September, when a group calling itself the Izz ad-Din al-Qassam Cyber Fighters first threatened cyberattacks.
During each wave, the group has posted a weekly list of the banks it claims to have targeted the week before.
Their messages describe the group as a militant Islamic organization and claim the attacks are a response to an online video mocking the Prophet Muhammad.
Security analysts say its nearly impossible to determine where the attacks come from, but they say they appear to have a large organization behind them. Some officials, including U.S. Sen. Joe Lieberman of Connecticut, have pointed to nations like Iran as a possible source of the attacks.
Said Herberger: Clearly these arent just two kids sitting in a basement pecking away all day. This is the big boy league.
Marty Meyer, president of attack-prevention company Corero Network Security, called 2013 the watershed year for bank investment in security projects.
This is just the point in time where theres been enough critical mass of these attacks where people know about it, Meyer said.
In nearly every case, the banks have said that no personal information was compromised. The Office of the Comptroller of the Currency warned banks in December, however, that the attacks could be used to distract information security staff while attempting to get access to consumer accounts.
The regulator directed banks to review their security strategies and to share information with each other.
Wells Fargo customers also reported Wednesday morning that their debit cards were not working. The bank said the issue was unrelated to the website slowdowns. Spokesman Josh Dunn said the debit card problems were due to a Visa technical glitch that was fixed by midday.
Dunn: 704-358-5235 Twitter: @andrew_dunn
The Charlotte Observer welcomes your comments on news of the day. The more voices engaged in conversation, the better for us all, but do keep it civil. Please refrain from profanity, obscenity, spam, name-calling or attacking others for their views.
Have a news tip? You can send it to a local news editor; email email@example.com to send us your tip - or - consider joining the Public Insight Network and become a source for The Charlotte Observer.Read moreRead less