American Express
customers trying to gain access to their online accounts Thursday were
met with blank screens or an ominous ancient typeface. The company
confirmed that its Web site had come under attack.
¶
The assault, which took American Express offline for two hours, was the
latest in an intensifying campaign of unusually powerful attacks on
American financial institutions that began last September and have taken
dozens of them offline intermittently, costing millions of dollars.
¶
JPMorgan Chase was taken offline by a similar attack this month. And
last week, a separate, aggressive attack incapacitated 32,000 computers
at South Korea’s banks and television networks.
¶
The culprits of these attacks, officials and experts say, appear intent
on disabling financial transactions and operations.
¶
Corporate leaders have long feared online attacks aimed at financial
fraud or economic espionage, but now a new threat has taken hold:
attackers, possibly with state backing, who seem bent on destruction.
¶
“The attacks have changed from espionage to destruction,” said Alan
Paller, director of research at the SANS Institute, a cybersecurity
training organization. “Nations are actively testing how far they can go
before we will respond.”
¶
Security experts who studied the attack said that it was part of the
same campaign that took down the Web sites of JPMorgan Chase, Wells
Fargo, Bank of America and others over the last six months. A group that
calls itself the Izz ad-Din al-Qassam Cyber Fighters has claimed
responsibility for those attacks.
¶
The group says it is retaliating for an anti-Islamic video posted on
YouTube last fall. But American intelligence officials and industry
investigators say they believe the group is a convenient cover for Iran.
Just how tight the connection is — or whether the group is acting on
direct orders from the Iranian government — is unclear. Government
officials and bank executives have failed to produce a smoking gun.
¶
North Korea is considered the most likely source of the attacks on South
Korea, though investigators are struggling to follow the digital trail,
a process that could take months. The North Korean government of Kim
Jong-un has openly declared that it is seeking online targets in its
neighbor to the south to exact economic damage.
¶
Representatives of American Express confirmed that the company was under
attack Thursday, but said that there was no evidence that customer data
had been compromised. A representative of the Federal Bureau of
Investigation did not respond to a request for comment on the American
Express attack.
¶
Spokesmen for JPMorgan Chase said they would not talk about the recent
attack there, its origins or its consequences. JPMorgan has openly
acknowledged previous denial-of-service attacks. But the size and
severity of the most recent one apparently led it to reconsider.
¶
The Obama administration has publicly urged companies to be more
transparent about attacks, but often security experts and lawyers give
the opposite advice.
¶
The largest contingent of instigators of attacks in the private sector,
government officials and researchers say, remains Chinese hackers intent
on stealing corporate secrets.
¶
The American and South Korean attacks underscore a growing fear that the
two countries most worrisome to banks, oil producers and governments
may be Iran and North Korea, not because of their skill but because of
their brazenness. Neither country is considered a superstar in this
area. The appeal of digital weapons is similar to that of nuclear
capability: it is a way for an outgunned, outfinanced nation to even the
playing field. “These countries are pursuing cyberweapons the same way
they are pursuing nuclear weapons,”
said James A. Lewis, a computer security expert at the Center for
Strategic and International Studies in Washington. “It’s primitive; it’s
not top of the line, but it’s good enough and they are committed to
getting it.”
¶
American officials are currently weighing their response options, but the issues involved are complex. At
a meeting of banking executives, regulators and representatives from
the departments of Homeland Security and Treasury last December, some
pressed the United States to hit back at the hackers, while others
argued that doing so would only lead to more aggressive attacks,
according to two people who attended the meeting.