Could Iran Be Behind the Online Attacks on US Banks?

Jason Gewirtz

The U.S. intelligence community is focused on Iran after a series of web outages at American banks.

JP Morgan Chase

Internet Security
Crocodile Images | Getty Images

and Bank of America both suffered internet based problems on their computer systems this week. For a second day Thursday, some customers visiting the Chase site were temporarily unable to access their accounts, while the BofA site experienced some slowness, causing problems for its customers Tuesday.

While neither bank has confirmed they were victims of cyber-hacking, the former head of cyber-security for the White House believes it's likely they were victims.

“We were waiting for something like this from Iran,” said Frank Cilluffo, who served as Special Assistant to the President for Homeland Security for President George W. Bush. He's currently an associate Vice President at George Washington University and heads the Homeland Security Policy Institute.

NBC News Thursday reported that last Friday, the Pentagon issued a highly classified intelligence document on Iranian cyber attacks against U.S. financial institutions. It also quoted national security officials saying the government of Iran was behind the slowdowns on the bank websites

A spokesman for Chase said the problem was solved later Thursday. He said the website had not been down, but it was slow. Customers trying to get on the site were “clogging the pipe,” making access difficult for some users.

“We apologize for the frustration this may have caused,” he said.

The spokesman declined comment on whether the site’s problems were the result of a cyber attack.

Cilluffo testified this morning before the U.S. House of Representatives’ Committee on Homeland Security saying, "The government of Iran and its terrorist proxies are serious concerns in the cyber context. What Iran may lack in capability, it makes up for in intent. They do not need highly sophisticated capabilities just intent and cash—as there exists an arms bazaar of cyber weapons, allowing Iran to buy or rent the tools they need or seek.”

In an interview, he later said, “Iran has been very outspoken recently about their capabilities which says to me, they’re most definitely turning resources in this direction. The Islamic Revolutionary Guard and Iran’s Basij forces have become more and more sophisticated in conducting these kinds of attacks.”

The Pentagon, Headquarters Of The Us Department Of Defense.
Getty Images

This week, a group monitoring cyber-attacks against the U.S. financial industry called, The Financial Services Information Sharing and Analysis Center, raised its security status citing "recent credible intelligence regarding the potential” for internet based attacks.

The FS-ISAC has not responded to emails or phone calls from CNBC.

In the last few years, reports have surfaced saying the United States and Israel were possibly behind a series of computer attacks targeting the Islamic Republic’s nuclear program. Programs like Stuxnet, Flame, and another program that blasted music by ACDC when Iranian engineers turned on their computers has not been traced back to any country, corporation or individual.

Regardless, experts on cyber warfare have said the danger in launching these kinds of attacks is that just like with a missile or physical weapon, the technology can be reverse engineered and directed outward.

Cilluffo has warned that the U.S. was neither equipped nor prepared for government sponsored attacks on web infrastructure.

While suspicion points to Iran in the attacks directed at U.S. banks, it’ll take some time before any definite proof is uncovered. But Cilluffo said, “It is definitely possible to find the smoking keyboard. And Iran feels like it owes us one.”