After a week of silence, the Islamic extremist group Izz ad-Din al-Qassam Cyber Fighters has vowed to continue a series of Distributed Denial of Service (DDoS) attacks targeting U.S. financial institutions, which are being conducted in protest of a widely denounced YouTube video which scorns the prophet Mohammed.
In a new posting on Pastebin, the hacktivists decried “we still found the anti-Islamic offensive film on the Internet. Thus the chain of cyber attacks on U.S. banks will continue this week.”
Unlike prior postings attributed to the group, today’s message declined to offer specific targets selected for the operation. Previous targets in the ongoing campaign include Wells Fargo, US Bank, PNC, Bank of America, JPMorgan Chase, Capital One, Suntrust Bank and Regions, all of whom experienced varying periods of website downtime as a result.
According to the group, the latest round of DDoS attacks will be conducted through Thursday, and further assaults can be expected for as long as the video in question remains available on the Internet.
“[The] attacks will continue [for as long as the] insults last. Do you want [the] attacks to be stopped? Stop the insults and eliminate their traces,” the hacktivists proclaimed.
Included in the latest communique from the attackers is a cryptic message in the form of a mathematical equation which makes mention of U.S. Secretary of Defense Leon Panetta. “Try to solve the following equation while your banks are howling under pressure from the attacks,” the group stated.
Panetta made headlines last week when he warned that “a cyber attack perpetrated by nation states or violent extremist groups could be as destructive as the terrorist attack of 9/11. Such a destructive cyber terrorist attack could paralyze the nation.”
Defending against network-layer DDoS attacks can be difficult. The tactic is a favorite among hacktivists because they are for the most part simple to carry out and usually employ a stream of data directed at a web server at such high frequency it can cause disruptions for the targeted website.
One innovative solution that can protect networks from DDoS attacks and other malicious web traffic is to implement a first line of defense appliance between the router and the firewall to filter out malicious traffic before it can ever reach the targeted network, eliminating the need for multiple load balancers and servers, and reducing the overall volume of data logged by intrusion detection mechanisms.