For months, a group that refers to itself as the al-Qassam cyber fighters wreaked havoc on the American banking system. It’s now backing off. Maybe.
With its denial of service attacks, it was able to successfully carve a niche that resulted in millions of frustrated consumers and no shortage of bank presidents who were helpless to stop the attacks. Now, though, it’s announced that will suspend those attacks. It says it’s doing this not because it’s afraid of being caught (investigator’s aren’t even close) nor have the members had a change of heart. It’s stopping its assaults because someone, somewhere, finally agreed to take down a controversial YouTube video.
This is good news for American banks. The onslaught of attacks were taking a toll – on CEOs, employees and the banking customers themselves. The frustration was evident with security companies who were unsure of how to stop them.
The al-Qassam cyber fighters took to their regular communication preferences: Pastebin and in doing so, it announced that because the video that depicted the Prophet Mohammad in a less than ideal light had been removed from YouTube, it takes that as a “clear indication of progress and establishment of logic instead of obstinacy.” It then went on to say that it “lauds” the efforts and is pleased to know the video had been suspended. It did, say, however, that while it would be extending a brief window of time for both Google, (which owns YouTube) as well as the U.S Government to ensure all copies had been pulled.
But don’t think that the group will simply back off because the public copy had been removed. The group warned it could resurface at any time. Security analysts agree. Carl Herberger, the vice president of security solutions at Radware, agrees that this is in no way the proverbial “white flag”, especially if the group isn’t satisfied that the copies are destroyed – either virtually or otherwise.
Meanwhile, the suspicions of some that Iran is behind the attacks continue as well, although many have dismissed that possibility.
You may recall the attacks brought down the nation’s biggest banks at different times during the last three months of 2012 and into 2013. The group always warned which bank would be next and sure enough, those were the banks that took the hits. Last week alone the group took responsibility for hitting 26 banks, including Wells Fargo, Citigroup and others. Radware reports a 170% increase in these types of attacks in 2012 alone. And the analysts all agree: these types of attacks are here to stay.
Consumers have grown increasingly frustrated and two weeks ago, PNC acknowledged it, along with others, continue to struggle with the internet traffic that can only be attributed to these denial of service attacks. That said, the bank reassured consumers that it believes it’s less about breaking into individual attacks, but rather, it’s all about accessing the servers.
These attacks are quite expensive, too, according to Radware, which estimated the costs associated with the various downtime for banks at $32,560 per minute.
For awhile, the group went silent. Soon, it was clear why when it released this message,
Due to approaching Eid al-Adha and to commemorate this breezy and blessing day, we will stop our attack operations during the next days.
The holiday, it said, would provide the opportunity to extend interviews to the American media about “our ideas and positions”. The message also appeared on Pastebin in late October and for six weeks, all was quiet. It was accompanied by an email address with an invitation to “every press volunteer to interview us, send its full specifications and offers to us.” It then mentioned that due to the attacks, bank employees were given a bit of a break during the day, or so it believed. Of course, when consumers can’t access their accounts online, they begin calling their banks, which likely meant they weren’t given a break, but rather, a surge of angry customers who were calling and showing up at their branches.
Now, though, it looks as though there’s a light at the end of the tunnel – at least in this specific case – for both bankers and security analysts. The question is: who removed the video? Google’s definitely not talking. Many credit the film to Nakoula Basseley Nakoula, who used the name Sam Becile in past media interviews. If that name sounds familiar, it’s because Nakoula recently appeared in court on charges that he’d violated the terms of his 2010 conviction for banking fraud. He served close to two years in prison. Part of the conditions for being released on bail included assurances that he’d not use a computer unless his probation officer supervised him.
The bigger problem is there are still many copies found in other YouTube accounts. “All of them needed to be removed,” said the Al-Qassam Cyber Fighters’ email.
Meanwhile, we will control the situation constantly and closely and will adopt the correct decision according to the future circumstances.
At one time, the group promised to continue its attacks for at least a year, or at a minimum, until there was an “erasing of that nasty movie”. Keep in mind, though, the video the group refers to was a 13 minute preview. The film is “Innocence of Muslims” and it was offensive to many, not just those associated with the group. For quite some time, Google refused to remove the video, though it did agree to block it in countries with large Muslim presence. Egypt and Libya were two of those countries. “What’s OK in one country can be offensive elsewhere,” said a statement released by Google in September.
This video – which is widely available on the Web – is clearly within our guidelines and so will stay on YouTube.
Do you believe the attacks have stopped from this group or is this just a brief step back? What do you think happens if other copies suddenly surface and make their way to mainstream media? Do you think Iran is behind the denial of service attacks? Share your thoughts with us.