LITTLE ROCK — Iran recently has mounted a series of disruptive computer attacks against major U.S. banks and other companies in apparent retaliation for Western economic sanctions aimed at halting its nuclear program, according to U.S. intelligence and other officials.
In particular, assaults last week on the websites of JPMorgan Chase and Bank of America probably were carried out by Iran, Sen. Joe Lieberman, I-Conn., chairman of the Homeland Security and Governmental Affairs Committee, said Friday.
“I don’t believe these were just hackers who were skilled enough to cause disruption of the websites,” said Lieberman in an interview taped for C-SPAN’s Newsmakers program. “I think this was done by Iran and the Quds Force, which has its own developing cyber-attack capability.” The Quds Force is a special unit of Iran’s Revolutionary Guard Corps, a branch of the military.
Lieberman said he believed the efforts were in response to “the increasingly strong economic sanctions that the United States and our European allies have put on Iranian financial institutions.”
U.S. officials suspect Iran was behind similar cyber attacks on U.S. and other Western businesses in the U.S. and in the Middle East, some dating as far back as December. A conservative website, the Washington Free Beacon, reported that the intelligence arm of the Joint Chiefs of Staff said in an analysis Sept. 14 that the cyber-attacks on financial institutions are part of a larger covert war being carried out by Tehran.
Unlike the cyber-attacks attributed to the United States and Israel that disabled Iranian nuclear enrichment equipment, experts said, the Iranian attacks were intended to disrupt commercial websites. Online operations at Bank of America and Chase both experienced delays last week.
In a previously undisclosed episode, Iranian cyber-forces attempted to disrupt the websites of oil companies in the Middle East in August by routing their efforts through major U.S. telecommunications companies, including AT&T and Level 3, according to U.S. intelligence and industry officials. They spoke on the condition that their names not be used because they were not authorized to speak to the media.
The effort did not cause serious disruptions, but it was the largest attempted denial-of-service attack against AT&T “by an order of magnitude,” said one of the industry officials. A distributed denial-of-service attack is designed to overload a website and block access to the server or site.
The U.S. intelligence community is increasingly concerned about Iran’s improving capability to mount attacks. Director of National Intelligence James Clapper Jr. told Congress in February that “Iran’s intelligence operations against the United States, including cyber capabilities, have dramatically increased in recent years in depth and complexity.”
“The Iranians aren’t very good yet,” said one U.S. intelligence official, who spoke on the condition of anonymity because of the topic’s sensitivity. “But they’re getting better rapidly, and they’re motivated to get better rapidly because they believe they’ve been attacked, and they have.”
Iran announced plans last year to establish a cyber command to counter cyber-attacks aimed at Iran’s networks. Researchers also reported last week that Tehran is trying to develop its own Internet in part to cut off outside access to military and government computer networks.
In 2010, nearly 1,000 uranium enrichment centrifuges were damaged at Iran’s Natanz uranium enrichment plant as a result of a computer worm, Stuxnet, that was jointly created by the United States and Israel.
Many experts have said the launch of Stuxnet - the world’s first physically destructive cyber-attack - opened a Pandora’s box.
“If you are in the glass house, you should not be the one initiating throwing rocks at each other,” Gregory Rattray, chief executive officer of Delta Risk, a cyber-security company, said at a recent conference. “We will have rocks come back at us.”
The spate of denial-of service assaults are “from their perspective, not an escalation. It’s retaliation,” said the intelligence official. “They really, really want to do something to us.”
Iran’s Revolutionary Guard Corps and its Ministry of Intelligence and Security have been attempting attacks, the official said.
In the August attempt, Iran bombarded AT&T’s servers for two days, stopped for two days and then resumed the attack for two more days, officials said. The company was able to realign its servers to prevent the oil companies that use its service from experiencing a major loss of website access. But the industry officials warned the next attack could be more severe.
The industry official said the affected oil companies were in Saudi Arabia and other countries in the Middle East that are taking part in an oil embargo. Some of the websites were temporarily disabled, but the impact was not major, the official said.
Describing the attacks on financial institutions, Lieberman said they are “a powerful example of our vulnerability. It’s a warning to us that if we take action against their nuclear weapons development that they have the capacity to strike back at us.” he said. “We can’t be fearful. Once the United States begins to get fearful of counter acts if we take action to protect our security, then we’re on the road to a much weaker and less free America.”
Front Section, Pages 10 on 09/23/2012