In an era of cyberwarfare, financial institutions can find themselves in the crossfire. The U.S. government indicted seven Iranian hackers last week, charging the individuals for their roles in a 2011 series of cyber-attacks targeting at least 46 major banking institutions. The attacks, which Attorney General Loretta Lynch called “relentless,” “systematic” and “widespread,” were carried out for nearly a year and included targets such as JPMorgan Chase, Wells Fargo, Bank of America, NASDAQ, and the New York Stock Exchange.

Banks have long known of the danger posed by distributed denial-of-service (DDoS) attacks in which hackers crash a target’s network by flooding it with high levels of traffic. In this case, the Iranian programmers hit some financial institutions with DDoS attacks on a nearly weekly basis, paralyzing bank infrastructure and locking users out of online banking. Such attacks have been increasing in frequency and sophistication in recent years, with Arbor Networks’ recent Worldwide Infrastructure Security Report finding that 57 percent of financial institutions had experienced a DDoS attack, the highest rate of any sector.

Although the indictment falls short of characterizing the attacks as acts officially sanctioned by the Iranian government, intelligence experts have suggested that the campaign was orchestrated as retaliation for the United States’ alleged cyber-attack on Iran’s main nuclear enrichment plant. That attack, revealed in 2010, employed the so-called Stuxnet virus to disrupt Iranian centrifuges used in the enrichment of uranium. Not coincidentally, the recent U.S. indictment also charged the seven Iranians with launching a cyber-attack designed to take control of a small dam in New York.

Commentators remain skeptical that any of the Iranian hackers will ever be brought to trial, but one thing is certain: financial institutions must continue to improve their cybersecurity infrastructure, which may face threats not only from individuals, but potentially from foreign governments as well.

The full indictment can be downloaded here.

Tags: Arbor Networks, Bank of America, cyberwarfare, DDoS, distributed denial-of-service, Hackers, iran, JPMorgan Chase, Loretta Lynch, NASDAQ, new york, New York Stock Exchange, Stuxnet, Wells Fargo, Worldwide Infrastructure Security Report
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Norman Roos Norman Roos

Norman Roos, a member of Robinson+Cole’s Business Transactions Group, concentrates his practice on transactional, regulatory, and technology matters relating to the financial services and real estate industries. He is also a member of the firm’s Financial Services Cyber-Compliance Team and advises financial institutions…

Norman Roos, a member of Robinson+Cole’s Business Transactions Group, concentrates his practice on transactional, regulatory, and technology matters relating to the financial services and real estate industries. He is also a member of the firm’s Financial Services Cyber-Compliance Team and advises financial institutions concerning data privacy and security matters, particularly in relation to policy planning and implementation.

Mr. Roos is counsel to the Connecticut Mortgage Bankers Association, Inc., and is president-elect of the American College of Mortgage Attorneys where he has served on the Board of Regents and as Connecticut State Chair. A member of the Connecticut Bar Association, Mr. Roos is Past Chair of the Financial Institutions Law Section. He has served on a number of Connecticut Law Revision Study Committees including those on Uniform Common Interest Ownership Act, Electronic Communications, Mortgagor Liability, and Electronic Recording of Land Records. Read his full bio here.

Read more about Norman Roos
Show more Show less
Photo of Scott Baird Scott Baird

Scott M. Baird is an associate in the firm’s Business Transactions and Finance Groups, where his practice involves all aspects of corporate and securities law, including corporate governance, mergers and acquisitions, private equity and venture capital transactions, joint ventures, finance transactions, and securities…

Scott M. Baird is an associate in the firm’s Business Transactions and Finance Groups, where his practice involves all aspects of corporate and securities law, including corporate governance, mergers and acquisitions, private equity and venture capital transactions, joint ventures, finance transactions, and securities law and compliance. He focuses on new legislation as well as regulatory and compliance matters involving financial service institutions. Read his full rc.com bio.

Read more about Scott Baird
Show more Show less
Related Posts
Joint Alert Warns of Medusa Ransomware
March 20, 2025
MS-ISAC Loses Funding and Cooperative Agreement with CIS
March 13, 2025
X Hit with DDoS Attack
March 13, 2025