American Express customers trying to gain access to their online accounts Thursday were met with blank screens or an ominous ancient type face.
The company confirmed that its Web site had come under attack.
The assault, which took American Express offline for two hours, was the latest in an intensifying campaign of unusually powerful attacks on American financial institutions that began last September and have taken dozens of them offline intermittently, costing millions of dollars.
JPMorgan Chase was taken offline by a similar attack this month. And last week, a separate, aggressive attack incapacitated 32,000 computers at South Korea’s banks and television networks.
The culprits of these attacks, officials and experts say, appear intent on disabling financial transactions and operations.
Corporate leaders have long feared online attacks aimed at financial fraud or economic espionage, but now a new threat has taken hold: attackers, possibly with state backing, who seem bent on destruction.
“The attacks have changed from espionage to destruction,” said Alan Paller, director of research at the SANS Institute, a cybersecurity training organization. “Nations are actively testing how far they can go before we will respond.”
Security experts who studied the attacks said that it was part of the same campaign that took down the Web sites of JPMorgan Chase, Wells Fargo, Bank of America and others over the last six months. A group that calls itself the Izz ad-Din al-Qassam Cyber Fighters has claimed responsibility for those attacks.
The group says it is retaliating for an anti-Islamic video posted on YouTube last fall. But American intelligence officials and industry investigators say they believe the group is a convenient cover for Iran. Just how tight the connection is — or whether the group is acting on direct orders from the Iranian government — is unclear. Government officials and bank executives have failed to produce a smoking gun.
North Korea is considered the most likely source of the attacks on South Korea, though investigators are struggling to follow the digital trail, a process that could take months. The North Korean government of Kim Jong-un has openly declared that it is seeking online targets in its neighbor to the south to exact economic damage.
Representatives of American Express confirmed that the company was under attack Thursday, but said that there was no evidence that customer data had been compromised. A representative of the Federal Bureau of Investigation did not respond to a request for comment on the American Express attack.
Spokesmen for JPMorgan Chase said they would not talk about the recent attack there, its origins or its consequences. JPMorgan has openly acknowledged previous denial of service attacks. But the size and severity of the most recent one apparently led it to reconsider.
The Obama administration has publicly urged companies to be more transparent about attacks, but often security experts and lawyers give the opposite advice.
The largest contingent of instigators of attacks in the private sector, government officials and researchers say, remains Chinese hackers intent on stealing corporate secrets.
The Latest Bing News on:
Cyberattacks
- Iran’s evolving influence operations and cyberattacks support Hamason March 28, 2024 at 1:05 pm
Understanding how Iranian and Iran-affiliated threats traverse 3 distinct phases may help identify vulnerabilities and attack vectors.
- Cybersecurity Best Practices To Prevent Cyberattacks In 2024on March 28, 2024 at 10:30 am
Spread the loveIn an era where our reliance on technology continues to surge, the importance of cybersecurity has never been more pronounced. As we move into 2024, personal and corporate data across ...
- Cyberattacks Against Health Care Industry Are Cause for Concernon March 28, 2024 at 9:26 am
Cyberattacks against hospitals can threaten patient data privacy, incapacitate billing and appointment scheduling systems, disable equipment, and, in extreme cases, can cause the temporary shutdown of ...
- UnitedHealth Group paid over $3.3 billion to care providers hit by cyberattackson March 28, 2024 at 1:11 am
U.S. insurer UnitedHealth Group on Wednesday said it has advanced more than $3.3 billion so far to care providers impacted by a cyberattack last month on insurance claims system Change Healthcare.
- Microsoft: 87% of UK Businesses Are Unprepared for Cyberattackson March 26, 2024 at 2:21 pm
Microsoft has called on UK business leaders to "fight fire with fire" by adopting AI cybersecurity tools to defend themselves from cyberattacks.
- US Charges China-Backed Hackers With 14 Years of Cyberattackson March 26, 2024 at 7:40 am
The hackers were allegedly part of a network run by Beijing's spy agency that targeted China critics and intellectual property.
- Forbes Daily: Cyberattacks Targeting AI Vulnerabilities Hit ‘Well-Known’ Companieson March 26, 2024 at 5:17 am
Tuesday's edition of Forbes Daily covers Baltimore bridge collapse, who could replace Boeing CEO Dave Calhoun, Trump going public, highest paid MLB players and more.
- U.S., U.K., and New Zealand Accuse China of Cyberattacks Targeting Politicians, Voterson March 25, 2024 at 6:45 pm
Both the U.S. and U.K. announced sanctions against two of those individuals, as well as a firm in Wuhan, China, called Wuhan Xiaoruizhi Science and Technology Co. The U.S. alleged it was a front that ...
- U.K. Accuses China of Cyberattacks Targeting Voter Data and Lawmakerson March 25, 2024 at 11:03 am
The British government believes China has overseen two separate hacking campaigns, including one that yielded information from 40 million voters.
- UK government expected to attribute cyberattacks on election watchdog to Chinese hackerson March 25, 2024 at 8:18 am
The British government is poised to attribute a series of cyberattacks against the U.K.'s election watchdog and lawmakers to hackers associated with China.
The Latest Google Headlines on:
Cyberattacks
[google_news title=”” keyword=”cyberattacks” num_posts=”10″ blurb_length=”0″ show_thumb=”left”]
[/vc_column_text]
The Latest Bing News on:
Denial-of-service attack
- Federal Agencies Issue New Warning About DDoS Attackson March 26, 2024 at 1:48 pm
As this specific type of cyber attack continues to spike, the federal government is calling for increased alert and defenses from state, local, tribal and territorial governments.
- New “Loop” DoS Attack Could Bring Down Vulnerable Systems Using Just One Serveron March 25, 2024 at 9:00 am
The Loop DoS attack essentially generates an endless chain of error messages that will eventually exhaust all available resources and take vulnerable systems offline, with no way for the attacker to ...
- Some 300,000 IPs vulnerable to this Loop DoS attackon March 24, 2024 at 11:37 am
As many as 300,000 servers or devices on the public internet are thought to be vulnerable right now to the recently disclosed Loop Denial-of-Service technique that works against some UDP-based ...
- Revised CISA Guidance on DDoS Offers New Attack Classifications & Threat Mitigationson March 22, 2024 at 2:20 pm
Looking for the latest Government Contracting News? Read about Revised CISA Guidance on DDoS Offers New Attack Classifications & Threat Mitigations.
- FBI v the bots: Feds urge denial-of-service defense after critical infrastructure alerton March 21, 2024 at 3:20 pm
You better watch out, you better not cry, better not pout, they're telling you why The US government has recommended a series of steps that critical infrastructure operators should take to prevent ...
- Thousands of online systems could be victim of dangerous new DoS attackon March 21, 2024 at 7:00 am
Roughly 300,000 internet hosts are said to be vulnerable to this exploit, with Broadcom, Cisco, Honeywell, Microsoft, and MikroTik all confirming being affected. By submitting your information you ...
- UDP-based network communications face critical denial-of-service attackson March 21, 2024 at 5:12 am
“Implementations of UDP application protocol are vulnerable to network loops,” according to the vulnerability’s NVD entry. “An unauthenticated attacker can use maliciously crafted packets against a ...
- New ‘Loop DoS’ attack may impact up to 300,000 online systemson March 20, 2024 at 12:40 pm
A new denial-of-service attack dubbed 'Loop DoS' targeting application layer protocols can pair network services into an indefinite communication loop that creates large volumes of traffic.
- New 'Loop DoS' Attack Impacts Hundreds of Thousands of Systemson March 20, 2024 at 7:51 am
Researchers uncover a new DoS attack vector targeting UDP-based application protocols, potentially endangering hundreds of thousands of hosts.
- 300,000 Systems Vulnerable to New Loop DoS Attackon March 20, 2024 at 2:03 am
Academic researchers describe a new application-layer loop DoS attack affecting Broadcom, Honeywell, Microsoft and MikroTik.
The Latest Google Headlines on:
Denial-of-service attack
[google_news title=”” keyword=”Denial-of-service attack” num_posts=”10″ blurb_length=”0″ show_thumb=”left”]