An alert Friday from the U.S. Office of the Comptroller of the Currency warned about a new wave of so-called distributed denial-of-service attacks on some of the nation’s major financial institutions. The alert said banks should share information with each other and law enforcement when attacks occur, and to give “timely and accurate” advisories to customers on website problems and precautions they can take.
Attacks starting last week have hit Atlanta-based SunTrust Banks, Inc. (NYSE: STI), PNC, Bank of America Corp. (NYSE: BAC) ,JPMorgan Chase & Co. (NYSE: JPM), U.S. Bancorp, and Wells Fargo & Co. (NYSE: WFC), according to two executives at companies providing security to some of the targeted banks, according to a Bloomberg report published Friday by American Banker.
The executives asked not to be named because they weren’t authorized to discuss clients and didn’t want their companies to become targets of computer assaults. Bloomberg said.
The Comptroller did not identify banks involved in the cyber attacks.
A group calling itself Izz ad-Din al-Qassam Cyber Fighters announced plans to attack banks in a Dec. 10 statement posted on the website pastebin.com, said Bloomberg. The group also claimed responsibility for cyber attacks in September and October against financial institutions. The attacks were carried out in response to a video uploaded to YouTube ridiculing the Prophet Muhammad, the group said.
The attacks typically send large volumes of Internet traffic to websites, causing delays and disruptions.
The comptroller’s office said the attacks can distract bank personnel to gain access to customers’ accounts, block customers from reporting suspected fraud and prevent banks from alerting customers.