Banks Face Uncertain Threat from Planned Tuesday Cyberattack

Banks may be about to endure yet another cyberattack by hacktivist groups.

The hacker collective Anonymous has joined with groups throughout the Middle East and North Africa to vow a series of so-called denial of service attacks this Tuesday against financial institutions, other U.S. firms and government agencies.

The campaign, which hacktivists have dubbed OpUSA, comes in retaliation for what backers say are U.S. war crimes in Iraq, Afghanistan and Pakistan.

"Anonymous will make sure that this May 7th will be a day to remember," the group wrote in a message posted April 24 on Pastebin, a website used by programmers.

The threat follows a similar campaign against commercial and government targets in Israel by Anonymous, which has claimed responsibility for a series of attacks on financial networks and online sites in that country.

The attacks are expected to consist mostly of "nuisance-level attacks against publicly accessible webpages and possibly data exploitation," the U.S. Department of Homeland Security warned on May 1 in a bulletin obtained by Krebs on Security. "The criminal hackers behind the OpUSA campaign most likely will rely on commercial tools to exploit known vulnerabilities, rather than developing indigenous tools or exploits."

"Independent of the success of the attacks, the criminal hackers likely will leverage press coverage and social media to propagate an anti-U.S. message," DHS added.

No major online sites had been adversely affected as of Monday afternoon, according to Radware, a digital security firm that is monitoring the threat.

The severity of the threat may depend on whether Anonymous can commandeer cloud computing facilities, which could increase the force of the attacks significantly. A wave of denial of service attacks against U.S. banks since September has been notable for the intensity, which experts attribute to attackers' ability to use cloud computing networks as a force multiplier.

"If Anonymous has learned that lesson then we might be in for a very long battle," Carl Herberger, vice president of security solutions at Radware, told American Banker. "That's where my eyes are focused. If we are seeing very high volumes of commercial internet providers and cloud companies [affected], then this could be worse."

On Monday, the Al Qassam Cyber Fighters, a group that has claimed responsibility for cyberattacks on banks that have harnessed cloud facilities, said it planned to suspend its campaign through Thursday to avoid sowing confusion between its operation and the attacks threatened by Anonymous.

Experts say publicly announced attacks can vary in credibility and are sometimes just a bid for attracting attention. "If the attackers follow the same patterns as previously witnessed during the [Operation Israel] attacks, then targets can expect a mixture of attacks," including "denial of service attacks and web application exploits," Mike Schiffman, a security researcher at Cisco, wrote recently. "Given the lack of specific details about participation or capabilities, the exact severity of the attack can't be known until it (possibly) happens."