Iran has once again been accused of being behind a huge wave of DDoS cyberattacks directed against US banks and financial institutions for at least the last six months.
DDoS attacks against banks are part and parcel of everyday business in the sector but there is no question that the scale and persistence of the assaults against banks in the US has always marked it out as unusual.
Increasingly, what started as a battle could now little by little, packet by packet, be turning into the world’s first ever sustained cyberwar.
HSBC, Bank of America, JPMorgan Chase & Co and Citigroup have all been hit and with some economic cost – many Internet banks users have found their services at times severely disrupted.
“There is no doubt within the US government that Iran is behind these attacks,” commented former State and Commerce Department official, James A. Lewis, to The New York Times.
Neither he nor any of the other sources quoted by US media have not offered any new evidence beyond claiming that the size of the attacks alone – said to be several times that of the infamous Russian attacks that slowed Estonia to a crawl in 2007 – marked them out as the work of a state with resources.
On one of the few occasions it has commented on the matter in September, Iran denied launching the attacks.
Given that few even outside the US take these denials seriously, the remaining question is how Iran is managing to overcome counter-measures to continue such attacks.
Iran will see itself as retaliating for a wave of sophisticated attacks since 2007 so mysterious and complex that only the US and Israel could possibly be behind them.
These have included Stuxnet but there have been several since then, including last year’s enigmatic and multi-pronged Flame malware, both ostensibly aimed at Iran’s nuclear industry and military.
With neither side backing down, many now privately characterise the battle between Iran and the US as a potentially serious development.