Treasury Secretary Jack Lew said Wednesday that banks and credit unions have faced 250 distributed denial-of-service attacks since 2011 — a type of cyberassault that officials believe could disrupt the U.S. financial system.
Lew said the Treasury Department will launch the Financial Sector Cyber Intelligence Group to circulate warnings about cyberthreats and thwart electronic incursions.
“This team is delivering timely and actionable information that financial institutions can use to protect themselves,” Lew said. “This unit consists of cyber-
experts and security analysts who scour law enforcement and intelligence reports constantly to find relevant activity, analyze and connect the dots between events, and issue information bulletins for security professionals in the financial sector.”
Beginning in the spring of 2012, a number of major U.S. banks came under cyberattack, with a barrage of Internet traffic crippling their public Web sites for hours at a time. U.S. intelligence officials determined that the distributed denial-of-service attacks, which disrupted customer business, were the work of the Iranian government and came in retaliation for Western economic sanctions aimed at halting Iran’s nuclear program.
Although the assaults did not cause physical damage, they were the first significant disruptive computer attack against a U.S. industry by a foreign adversary. In the end, the banks handled the DDOS barrages mostly on their own. The White House concluded that the attacks were not sufficiently severe to merit a military intervention. The administration did, however, use diplomatic and security channels to try to ease the assaults by asking officials in about 120 countries to choke off the debilitating computer traffic at nodes around the world.
“It does not take much to imagine the impact of those attacks on U.S. banks if they had penetrated core operational functions rather than temporarily disrupting public Web sites and customer log-in pages,” Lew said. “Cyberattacks on our financial system represent a real threat to our economic and national security.”
Bank officials have said that one of the most valuable outcomes of an otherwise harrowing experience was the great increase in information sharing — especially among banks.
“The amount of sharing on this rose to a new level,” said Bill Nelson, president and chief executive of the Financial Services Information Sharing and Analysis Center. “It was unprecedented and showed the value of information sharing.”
Lew implored firms to cooperate with the new government efforts in order to prevent worse attacks from undermining the economic system.
“Far too many hedge funds, asset managers, insurance providers, exchanges, financial market utilities and banks should and could be doing more,” he said.
“Disclosing security breaches is often perceived as something that could harm a firm’s reputation. This has made many businesses reluctant to reveal information about cyber-incidents. But this reluctance has to be put aside.”