The purported cyber attacks against Bank of America's website Tuesday appear to have been contained, but highlight the ever-present need for information sharing and cooperation between financial institutions regarding security threats.
Shirley Inscoe, senior analyst with Boston-based Aite Group, notes that cross-industry meetings to discuss threats such as this most recent one are invaluable when combating cyberterrorism.
"Large banks do have industry meetings where they share information and strategies," she says, as well as noting collaborative work done by industry groups such as BITS, the technology division of The Financial Services Roundtable and the Financial Services Information Sharing and Analysis Center (FS-ISAC).
The bank's website experienced periodic outages yesterday, with Reuters reporting that customers contacted in New York, Georgia, Ohio and Michigan saying they could not access the website.
A group protesting an anti-Islam film allegedly took credit for the attacks, which also targeted the New York Stock Exchange.
A message posted in a Pastebin.com forum allegedly authored by "Cyber fighters of Izz ad-din Al qassam," a reference to the military wing of Hamas, foretold the attacks, blaming the United States and the "Zionist Regime" for the production of the film.
According to Bank of America, the website is functioning normally a day after the alleged attacks.
"Our online banking services have been, and are up and running," said Mark Pipitone, a Bank of America spokesman. "The vast majority of our customers did not experience any issues yesterday."
Regarding whether the outages were due to a cyber attack, Pipitone responded, "I can assure you that our customer and client information, our online banking platform and the related systems remain safe and secure."
Inscoe notes that Bank of America was helped by the fact that "the group publicized they were doing this." She adds that big banks, and Bank of America in particular, are not strangers to these kind of attacks.
"Especially when it is threats coming from outside of our borders, just their name alone makes them a target," she says. "Their name seems to symbolize the U.S. financial system."
Oded Comay, CTO of network access control provider ForeScout technologies added, "The more visible or attractive the entity, the more likely the target. The successful attacks themselves serve as a wake-up call for IT security professionals to remain vigilant. Modern hacking groups are motivated, organized and intelligent, leveraging known and new vulnerabilities and different attack vectors; which can change dynamically in order to make the attacks very hard to detect and even harder to preempt."