Skip to: Content
Skip to: Site Navigation
Skip to: Search

Clues about who's behind recent cyber attacks on US banks

A Middle Eastern hacktivist group appeared to claim responsibility for massive denial-of-service cyber attacks on websites of six US banks. Some experts now say that claim is a 'false flag' to divert attention from the real attackers.

By Staff writer / October 2, 2012

Tourists walk past a Bank of America banking center in Times Square in New York in this June 22, 2012, file photo.

Brendan McDermid/REUTERS/File


A series of cyberattacks on the websites of six US banks is probably not the sole work of hacktivists upset about a YouTube video that denigrates the Prophet Muhammad, as early reports had conjectured. Rather, the massive denial-of-service attacks appear to have been tightly orchestrated, possibly by a single group, and may have been a bid to divert attention from other, more subtle attacks.

Skip to next paragraph

Cybersecurity experts analyzing the distributed denial of service attacks (DDoS) – which shoot data from myriad computers to make it hard to block the attempt to clog the Internet pipes at the target site – are also waiting to see if the perpetrators will strike again this week. 

The first attack occurred Sept. 18. Between 9 and 10 a.m. EDT, security companies monitoring World Wide Web traffic noticed a sudden torrent of "junk" data directed at Bank of America – which soon became a deluge of about 65 gigabytes of information per second. That's about 15 to 30 times larger than is typically seen in such cyberattacks – roughly equal to data contained in 250,000 books shot at a bank website each second. Five similar DDoS attacks on other banks would follow.

Why, and who is behind the gigantic digital bombardments?

Messages left anonymously on the Pastebin website claim that a Middle Eastern hacktivist group – "Cyber fighters of Izz ad-din Al qassam," allied to the military wing of Hamas – was responsible for the attacks. The messages said the attacks are a response by thousands in the region angered by "Innocence of Muslims," a video made in the US and posted on YouTube that Muslims consider an affront to the Prophet Muhammad.

But experts say it appears that at least two attacks were occurring at once – one by a group of individuals, and the other by an entity controlling a relatively small number of powerful, high-speed Internet Web servers. Any attacks by activists during that time were only a veil masking a powerful, orchestrated attack conducted either by cybercriminals or possibly by Iran in retaliation for harsh economic sanctions, these experts say.

"On this particular attack, an Islamic group has claimed responsibility by saying they are doing the attacks for ideological motives," Dan Holden, director of research for the Security Engineering & Response Team at Arbor Networks, says in an e-mail interview. "If true, this would be classic hacktivism. However, Arbor thinks this could be a 'false flag' operation to divert attention away from the real attackers."


  • Weekly review of global news and ideas
  • Balanced, insightful and trustworthy
  • Subscribe in print or digital

Special Offer


Editors' picks

Doing Good


What happens when ordinary people decide to pay it forward? Extraordinary change...

Danny Bent poses at the starting line of the Boston Marathon in Hopkinton, Mass.

After the Boston Marathon bombings, Danny Bent took on a cross-country challenge

The athlete-adventurer co-founded a relay run called One Run for Boston that started in Los Angeles and ended at the marathon finish line to raise funds for victims.

Become a fan! Follow us! Google+ YouTube See our feeds!