[ISN] Islamic jihackers -- coming soon to a bank near you

From: InfoSec News <alerts_at_private>
Date: Wed, 19 Dec 2012 00:56:44 -0600 (CST)

By Willard Foxton
Tech business
The Telegraph
December 18th, 2012

While our fumbling politicians and toothless regulators aren't having 
much success at dealing with out-of-control, too-big-to fail-banks, it 
seems that online cyber-jihadis are having some success in damaging 

Last week, a group calling itself the "Izz ad-Din al-Qassam Cyber 
Fighters" (named for an islamic militant killed by British Troops in 
Palestine in the 1930s) issued a warning on Pastebin that it would 
target US banks, in protest over YouTube not removing the film The 
Innocence of Muslims. Since then, they've made good on their threat. 
Institutions including Bank of America, PNC Financial Services Group, 
and SunTrust have seen large-scale denial of service attacks on their 
websites, which successfully brought down online banking services this 
week. It's only a matter of time before cyber-activists – be they 
islamists, anti-capitalists, or just kids having a laugh – target 
British banks.

The trouble is, UK banking technology isn't really up to resisting 
sophisticated attacks. Almost all our banks rely on old, unusually 
vulnerable systems at critical points in their architecture. We all 
remember the huge RBS outage earlier this year; it was caused by 
outdated systems using different programming languages failing to talk 
to each other.

That wasn't the only broken system; it was just the first one the UK 
media noticed. On New Year’s Eve last year, Lloyds TSB chip and pin 
machines double-charged 200,000 transactions, because the antique 
programming language that underpinned the system went wrong; in 
Australia in 2010 a catastrophic failure at National Australia Bank 
stopped customers being able to use their debit cards for over a week.


Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
Received on Tue Dec 18 2012 - 22:56:44 PST

This archive was generated by hypermail 2.2.0 : Tue Dec 18 2012 - 23:00:25 PST