FBI briefs US bank executives on wave of cyberattacks

Iran still suspected

The FBI has reportedly briefed US bank executives on a wave of cyberattacks that have lashed the industry since last summer as part of a new policy designed to foster co-operation between the state and private sectors.

According to comments made at a Reuters event by FBI executive assistant director Richard McFeely, the Bureau had carried out a large videoconference with dozens of bank heads across the US last month to urge them to share data on the attacks they are experiencing.

In the past the organisation had conducted its investigations without keeping victim firms - in this case banks - informed, he admitted.

"That's 180 degrees from where we are now," Reuters reported him as saying of the FBI's change of approach.

For their part, many private sector organisations were still reluctant to offer up attack data, probably because they saw little tangible point in doing so.

Exactly what McFeely told the bank bosses about the attacks is still confidential.

He refused to be drawn on their origin but sources close to US officials have previously privately accused Iran of being behind them as part of a low-key cyberwar that probably represents retaliation for the US's unleashing of a clutch of Stuxnetlike cyberweapons against Iran since 2007.

Malware is said to have been involved in the recent attacks although the most obvious evidence has been the waves of large and sophisticated realtime DDoS attacks battering customer-facing bank websites.

These started last summer and have spiked at intervals ever since with a peak in January. One public 'campaigning' face of these attacks is the Izz ad-Din al-Qassam Cyber Fighters hacker group which is seen as being half Iranian Anonymous and half an arm of the Iranian State.

For its part Iran has also fired back accusations that it nuclear programme is still under attack even in the post-Stuxnet period.

To many in the security industry the two-way exchange is nothing less than the first sustained cyberwar between two states, neither of which is yet prepared to admit as much.

That could turn out to be an unexpected feature of early cyberwar - its invisbility.

Join the CSO newsletter!

Error: Please check your email address.

Tags Reuterssecurityfbi

More about FBIReuters Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John E Dunn

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place