In order to combat a wave of cyberattacks that have rattled the US banking industry since last year, the FBI has given certain banking executives extensive briefings of their classified investigations.
The collaboration is part of a new policy being initiated by the FBI to try and foster closer cooperation between authorities and the private sector. It reportedly involved a number of bank officials being given high-level security clearance before a video conference briefing last month. During the briefing, the FBI’s executive assistant director Richard McFeely urged bank executives to share any data they have on cyberattacks they’ve suffered.
Previously, the FBI’s policy has always been to keep its investigations private from banks that had fallen victim to the hacks. Clearly then, this new approach represents a drastic change of direction for the investigators, underlining just how seriously these attacks are being taken.
“[the old policy] was 180 degrees from where we are now,” admitted Mcfeely in an interview with the Reuters news agency.
A disclosure like this is a huge compromise for a notoriously secretive agency like the FBI to make, but in this case it’s one that they deemed necessary in order to encourage banks and other private sector organizations to share their own attack data. Such organizations are often reluctant to do so, either because they feel its pointless or because doing so could harm their reputations.
As to what McFeely told the bank bosses, we don’t know. This information remains confidential.
McFeely refused to be drawn on where the attacks might have originated from, but previously officials have indicated in private that Iran could be responsible. The theory is that Iran is attacking the US’s banking infrastructure in retaliation for the Stuxnet virus and other sophisticated malware that has infiltrated its computer systems – all of which is part of a long, drawn out cyberwarfare campaign aimed at forcing it to give up its development of nuclear weapons.
Iran is thought to have used a combination of its own malware programs and extremely powerful DDoS attacks against American banks, battering them with server requests in order to take their websites offline. The attacks were first noticed last summer, and have continued ever since, reaching a peak last January when US data centers were hijacked to strike at banks including HSBC, Bank of America, JPMorgan Chase & Co and Citigroup, all of which saw their online services severely disrupted.
While the financial losses and inconvenience generated by the attacks probably doesn’t amount to much in the great scheme of things, the FBI is still quite alarmed by them. And rightly so, for this kind of cyber warfare is just the tip of the iceberg with regard to Iran’s capabilities. If Iran is indeed behind the attacks, there’s a good chance it has the capability to step things up and do far greater damage.
Iran could well be ‘testing the waters’ for a much more powerful attack, which we can reasonably assume, would take place if ever the US decided to strike at its nuclear facilities.