Well Fargo has apparently become the latest bank affected by a series of cyber-attacks that are seemingly linked to the controversial YouTube movieThe Innocence of Muslims,with hundreds of customers said to be locked out of the bank’s website earlier today.
The attack on Wells Fargo’s site – which the bank itself acknowledged via Twitter earlier in the day – are thought to be the work of a group known as Izz ad-Din al-Qassam Cyber Fighters, a group that has previously claimed responsibility for similar attacks on Bank of America, Citigroup, U.S. Bancorp, PNC and JP Morgan. Those attacks – some carried out as recently as yesterday – were part of what the group termed “Operation Ababil,” which translates to “swarm,” and have left thousands of customers unable to access their accounts online.
The group took credit for the attacks via an online post to Pastebin, a site often used by hackers to announce attacks and mission statements. According to the post, the group will target American businesses and organizations daily as part of the Ababil until the Innocence of Muslims video is removed from the Internet (They’re not the only ones calling for the video to be removed; a court in Brazil ruled today that YouTube should remove the video immediately, as well).
Not everyone believes that the attacks have anything to do with the amateur-looking hate-speech video that has incited violence across the Middle East, however. Dmitri Alperovitch of the private security firm CrowdStrike, believes that Izz as-Din al-Qassam is using the video to draw attention to itself and act as a smokescreen for its true aims. “We believe claiming this has something to do with the video is a ruse,” he said, pointing out that the group has apparently been active for months by this point, with attacks dating back as early as this summer.
That’s not the only interesting thing about the attacks, Alperovitch points out. Even though the attacks have been annoying for both the banks involved and their customers, they haven’t actually been that dangerous, considering. “It’s important to note that nobody’s information has been compromised,” Alperovitch reported, adding that he believes that “no data has been stolen” at all so far (The attacks have all been Dedicated Denial of Service – or DDoS attacks – so far, which essentially slow down a website by pushing a level of traffic towards it that overwhelms the server). As such, the attacks have been more nuisances than anywhere near as damaging as they could otherwise turn out.
That relative harmlessness is, ironically, persuading experts that the attacks are not state-sponsored. When asked by the New York Times, the FBI reported that – as a matter of policy – it could not comment on whether or not it was investigating the attacks.