In the past my forte albeit a passing [now back to weather>always a passion] was dealing with computer security in the area of malware and viruses and a bit of cracking and dare I say hacking. I will add I was one of the good guys [white hat/grey hat/blue hat] trying to help folks out and keep them safe. I only used my abilities when someone I knew was having trouble or there was some shit going around that was affecting many. I would find the bug, analyze it and share my results with a select few reputable good folks still active today on the intranet.
Just as with other types of snooze, propaganda and disinformation is key to laying blame. Also like other snooze we never get the truth of who did what only the he said they said shit. One of the best uses of this type of disinformation is when sources make a claim and then have ‘no evidence to back the claim’ or they cite ‘unnamed sources’ for fear of exposing them or the real culprits, which 6 out of 10 times turns out to be the unnamed source. Do you understand that ? It’s the old ‘pot calling the kettle black’ routine. Shifting the blame and diverting attention elsewhere, spy vs spy.
Anyway, here are 5 theories on who or what was responsible for the outages. I lean heavily on the fourth due to the fact the person is a security expert and has nothing to gain by spreading disinformation.
The unexplained outages last week on the public websites of Bank of America and JPMorgan Chase have led to as many as five theories about the source.
The attacks were not catastrophic — the problems at both Bank of America and JPMorgan Chase were relatively brief and intermittent. But Bill Pennington, chief strategy officer at WhiteHat Security, told InformationWeek that last week’s attacks may be only the beginning. “It’s probably going to get worse before it gets better,” he said.
Still, much of the buzz was about trying to figure out where they came from. Sen. Joseph Lieberman (I-Conn), chairman of the Senate Homeland Security Committee, offered Theory One last week in an interview on C-SPAN’s Newsmakers, saying he believes a unit of Iran’s Revolutionary Guard Corps was behind the disruptions.
Lieberman gave no evidence to support the claim, and Iran denied it, claiming the U.S. was trying to “demonize” Iran, but there is certainly motive. As Bloomberg and other outlets reported, the U.S. has been leading the imposition of economic sanctions on Iran, trying to slow or stop its capability to build a nuclear weapon.
There is also the admission by U.S. officials several months ago that the U.S. was involved with Israel in efforts to sabotage Iran’s nuclear program with a computer worm labeled Stuxnet. The malware temporarily took out nearly 1,000 of the 5,000 centrifuges Iran had spinning at the time to purify uranium.
The Washington Post, citing unnamed U.S. intelligence and industry officials, reported last month, “Iranian cyberforces attempted to disrupt the Web sites of oil companies in the Middle East by routing their efforts through major U.S. telecommunications companies, including AT&T and Level 3.”
“The effort did not cause serious disruptions, but it was the largest attempted denial-of-service attack against AT&T ‘by an order of magnitude,’ said one of the industry officials,” the Post reported.
The second theory comes from a message on Pastebin claiming to be from “cyber fighters of Izz ad-din Al qassam” — the military wing of Hamas, the Islamic party that governs the Gaza Strip — declaring that it would attack Bank of America and the New York Stock Exchange (NYSE) as a first step in a campaign against “American-Zionist Capitalists,” and that the “attack will continue until the Erasing of that nasty movie” — a reference to a trailer of the independent film “Innocence of Muslims,” which Muslims say insults the prophet Mohammed.
The third theory is based on a fraud alert issued last week by the FBI, warning financial services firms that cybercriminals might try to disrupt their websites in an effort to distract them from noticing fraudulent wire transfers.
Two days after that alert, The Financial Services Information Sharing and Analysis Center (FS-ISAC), a group owned by dozens of large firms including Bank of America and JPMorgan Chase, raised the cyber threat level to “high” from “elevated” in an advisory to members.
The fourth theory says it was not an attack at all. WhiteHat’s Bill Pennington, noting the recent outage at GoDaddy that was caused by an internal technical error, said it was possible that the multiple slowdowns and outages were simply a coincidence. That theory gains a bit of weight from the fact that there was no perceptible problem with the NYSE — one of the declared targets of the Hamas group.
Jason Healey of the Atlantic Council, shares a fifth theory: That they might have been “simply a low-level attack in their own right, intended only to be disruptive to the websites themselves, and not to provide cover for other attacks,” said Healey, a former security official at the White House and at Goldman Sachs.
“This is frankly common, with attacks by anti-capitalist groups, especially if there happens to be an IMF (International Monetary Fund), WEF (World Economic Forum), G7 or other conference,” he said.