Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Censorship Security The Almighty Buck The Internet IT Your Rights Online

Islamic Hacker Group Resumes Attacks On Banks 306

Posted by timothy
from the washing-your-mouth-out-with-soap dept.
tsamsoniw writes "PNC, Bank of America, SunTrust, and other major financial institutions have experienced a wave of DDoS attacks and site outages over the past couple of days, and Islamic extremist hacker group Izz ad-Din al-Qassam Cyber Fighters is claiming responsibility. The group, which launched similar attacks earlier this year, reiterated its demands: that a controversial YouTube video mocking the prophet Mohammed "be eliminated from the Internet.""
This discussion has been archived. No new comments can be posted.

Islamic Hacker Group Resumes Attacks On Banks

Comments Filter:
  • Its becoming clear (Score:5, Insightful)

    by Anonymous Coward on Thursday December 13, 2012 @04:56PM (#42280389)

    Religion is a disease of the mind, its victims need treatment, not mocking or pity or hate

    • by Anonymous Coward on Thursday December 13, 2012 @05:14PM (#42280689)

      Religion is a disease of the mind, its victims need treatment, not mocking or pity or hate

      But the mocking is so much fun!

    • by Anonymous Coward on Thursday December 13, 2012 @05:27PM (#42280937)

      > Religion is a disease of the mind, its victims need treatment

      It is not just religion, it is any kind of "us vs them" tribalism.

      • by SplashMyBandit (1543257) on Thursday December 13, 2012 @07:28PM (#42282531)

        It is not just religion, it is any kind of "us vs them" tribalism.

        Just remember the "us vs them" is not always the result of tribalism. In this case the "them" are muslim political fundamentalists that will accept no other system in the globe except the Caliphate and Sharia. If you would rather keep your freedoms and the principles of the Englightenment then you fall into the "us" group. These are not "tribes" in the nationalistic sense (which perhaps was what you meant) - it is a fundamental battle of civilizations between those that seek to embrace all cultures, or those that believe that God commands that impose a particular political system be imposed around the globe (and which cannot be questioned). Islam is not alone in this singular view, it just happens to be the most active in it at the moment and is growing more and more active.

    • It's not about 'religion'. It's about how easy it is to incite people into doing whatever you want them to. I present to you the wars in Iraq and Afghanistan. I mean, all this is bullshit when you have Americans debating the merits of torture.

    • by PolygamousRanchKid (1290638) on Thursday December 13, 2012 @07:32PM (#42282579)

      Lots of folks have diseases of the mind, but somehow manage to be only a minor annoyance or slight nuisance to others. Like the crazy lady who hurls cats at me.

      Others seem Hell-bent on trying to make their sickness impact my personal freedom and values of liberal democracy as greatly as possible on my front lawn.

      The Founding Fathers spoke of "Freedom of Religion," but they really meant "Freedom from Religion", of others, as well.

      Democracy, not Theocracy.

    • by Anonymous Coward on Thursday December 13, 2012 @08:11PM (#42282927)

      Because Islam extremists represent all religious minded folks.

      What's that nerds are usually so adamant about? Something about not painting everyone with one brush?

    • Religion is a disease of the mind,

      Diseases came in many forms and severity
       
      Similar to diseases, religions came in many forms and have different levels of severity
       
      That hacker group happened to be from one with the terminal effects - suicide bomber is but one of the many examples
       

    • by flyneye (84093)

      This includes the religion of atheism.
      Religion can be anything from mild interest to obsession with any dogma right up to the Rocky Horror Picture Show or NASCAR.
      Money worship is the most popular religion in the world.
      Of course my tagline gives away my personal favorite. But where else can you get eternal salvation or triple your money back?
      Mocking? We are the pros!

  • Someone tell me (Score:5, Interesting)

    by kc67 (2789711) on Thursday December 13, 2012 @04:57PM (#42280399)
    Why can't these financial institutions stop a DDOS? I am being serious. Why can't these be mitigated at a data center?
    • by Baloroth (2370816) on Thursday December 13, 2012 @05:07PM (#42280559)

      You can (some sites have before), but doing so takes up resources and won't necessarily stop all the different attack vectors. DDoS can use multiple approaches aside from just flooding the server with requests. You can, in theory, protect against all the known attacks, but that requires time and money before the attack starts, which might be wasted if you never get attacked (you don't typically want 10x your expected maximum load worth of bandwidth just sitting around unless you absolutely need it, for example).

      • You can (some sites have before), but doing so takes up resources and won't necessarily stop all the different attack vectors. DDoS can use multiple approaches aside from just flooding the server with requests. You can, in theory, protect against all the known attacks, but that requires time and money before the attack starts, which might be wasted if you never get attacked (you don't typically want 10x your expected maximum load worth of bandwidth just sitting around unless you absolutely need it, for example).

        What you need is enough redundancy so that DDOS is worthless. You also need near instantaneous recovery time. A cloud network could provide redundancy and virtualization could decrease recovery time. The attack vectors also aren't unlimited so unless it's some sort of zero-day it's going to be known.

    • Re:Someone tell me (Score:5, Insightful)

      by thoughtlover (83833) on Thursday December 13, 2012 @05:09PM (#42280603)
      The real question is, why do these hackers think the banks are responsible for this video or have any way to even take it down --from the internet, much less. Yeah, good luck with that --right, reputation.com? And why does everyone call this a 'YouTube video', as if Google had something to do with funding its production? Does YouTube have a DDoS problem from this group, too?
      • Re:Someone tell me (Score:5, Insightful)

        by operagost (62405) on Thursday December 13, 2012 @05:22PM (#42280847) Homepage Journal
        Because these terrorists are ignoramuses from countries where control of everything is centralized in a dictator or a theocracy, so naturally they can't comprehend of a liberal democracy where this might not be the case.
        • by Ubi_NL (313657)

          Well stated (sorry i dont have modpoints today)

        • by peragrin (659227)

          forget even being a liberal democracy.

          This is the Internet. the only thing that get's lost on the Net are morals. And even that depends on the person.

          Sure things come and go. but I googled a website I created 15 years ago. The severs and pages long ago stopped working, but I found it in 4 different caches.

          Once it is on the NET it never goes away. Now think about that while posting that picture on Facebook

        • Re:Someone tell me (Score:4, Insightful)

          by thoughtlover (83833) on Thursday December 13, 2012 @06:26PM (#42281795)
          Sorry bud, they know exactly what they want to destroy. Freedom. Because they don't have it. I still don't understand that tack, but they aren't 'ignoramuses'. How are they suddenly put down when they are 'fighting the power' when they DDoS a Western bank, yet vaulted to glory when they are savvy users of social media to coordinate the Arab Spring --or when they make a homemade tank that's controlled with a Playstation controller? Really, you frighten me with that blanket-statement regarding Arabs' mentality who reside in countries with a dictator or theocratic state. Most of them are still not free [wikipedia.org]. The fact you're modded 4, Insightful makes me wary of the lot who gave you such a score, too. Especially when today's headlines [slashdot.org] on Slashdot read as such.
        • by ackthpt (218170)

          Because these terrorists are ignoramuses from countries where control of everything is centralized in a dictator or a theocracy, so naturally they can't comprehend of a liberal democracy where this might not be the case.

          Ah, but they can comprehend a liberal democracy. Anything which challenges the fixed set of beliefs their cowardly windbag guides brainwash them into accepting without question is the enemy, particularly a place in this world where they could actually think for themselves, which is particularly cold and lonely if you've never never thought for yourself.

          I once was astounded people chose to be prisoners of thought, until I began to understand the Stockholm Syndrom [wikipedia.org]

          These people will do great harm to themsel

        • Wag the dog. They've got us all shooting at each other.

        • Re:Someone tell me (Score:4, Insightful)

          by SplashMyBandit (1543257) on Thursday December 13, 2012 @07:36PM (#42282635)

          so naturally they can't comprehend of a liberal democracy where this might not be the case.

          Wrong. They understand what liberal democracy it. It is just they reject it utterly because they believe they are commanded by God to do so (according to their teachings). Similarly, parts of the political classes in the West are starting to utterly reject the notions of the political Islamists, since it seeks to eventually replace all other systems. Please don't confuse each 'side' with not comprehending each other's point of view. Both positions are pretty well understood. It is just that each side rejects the other. Note, however, that liberal democracy can tolerate aspects of the religious myths of Islam (eg. Muslim Israelis are tolerated, even in the IDF, for example). What liberal democracy rejects is the political system of Islam and the tyrrany of some parts of the religion [eg. poor treatment of women, the non-egalitarian concept of dhimmitude, the inability to question the clerics etc]).

      • by Trepidity (597)

        That's also a question, but I'm not sure that's "the real question". To me, why a giant corporation with business-critical e-commerce systems can't withstand a DDoS is a more puzzling question than why there exists, somewhere in the world, someone with stupid opinions.

      • Re: (Score:3, Insightful)

        by high_rolla (1068540)

        My guess is that they feel if they can disrupt the services of banks it will in turn disrupt the functioning of many organisations that rely on those banks for financial services. This would have a negative effect on the economy as a whole (which is already in bad shape) and possibly get the attention of the government to do something to stop it.

        Now, I don't feel this is actually going to work like that but that is my best guess at what they were attempting.

        Or maybe they figured a lot of banks higher ups a

      • The real question is, why do these hackers think the banks are responsible for this video or have any way to even take it down --from the internet, much less.

        When the banks refused to process donations they very nearly destroyed wikileaks.
        Maybe their reasoning isn't quite so far-fetched after all.

        • The online services did a risk assessment and decided the risk was to great to continue accepting funds related to Wikileaks. At the time there were serious concerns about the legality of releasing some of the information. If the services had continued to accept funds they could have been charged as being complicit in distributing information protected under certain laws and regulations. Just being charged can require spending large amounts of money to defend a company even if the charges are bullshit. The

      • I'm not sure if it's that, exactly, of if it's simply that they believe that financial institutions are the cornerstone of the Western system of global control and that by fighting banks they are striking the root of evil rather than wasting energy hacking away at its branches.

      • by xenobyte (446878)

        ... Does YouTube have a DDoS problem from this group, too?

        DDoS probably but problem? No.

        YouTube is a massively distributed service, like Google, Twitter, Facebook etc. and it is close to impossible to take out the entire distributed service. They may take out some parts if they're really good, but most of the service will remain. DDoS is only really efficient on sites hosted on single servers or small clusters with single points of failures.

        The best DDoS looks exactly like regular traffic, but most tools do quantity, not quality. Duplicated packages, invalid chec

    • Re: (Score:2, Informative)

      by DigiShaman (671371)

      DDOS = Distributed Denial Of Service.

      Laws of physics. Even if you have hundreds of thousands of of zombie infected machines blowing UPD packets towards your public gateway IPs, nothing you can do to stop it from taking up bandwidth. That's why it's a DDOS. It's a digital siege attack!

      • you stop it before it crosses YOUR wan (or lan) link.

        ie, push filters outward to your cooperative isp's so that its stopped there.

        (no idea if anyone does that, but its how it should be done)

        • by ultranova (717540)

          ie, push filters outward to your cooperative isp's so that its stopped there.

          Filtering takes more resources than just blindly passing everything on. Why would an ISP accept filters from non-customers? Especially a bank?

    • by sjames (1099)

      A bunch of connections coming in from a large group of IP addresses with random timing. Each made to look like it could be a legitimate customer looking at the site. What is your suggestion?

      • I've had good results with piping to /dev/null
        • by sjames (1099)

          Based on what criteria? If everything, you're down anyway.

        • by molecular (311632)

          I've had good results with piping to /dev/null

          lol. disconnecting from the network usually brings system load back to 0.01, too.

        • by dissy (172727)

          How does that get good results?

          If you do nothing about the attack, your site is down.
          If you pipe all traffic to /dev/null, your site is still down.

          Being down is not better than being down, those two things are the same thing.

      • A bunch of connections coming in from a large group of IP addresses with random timing. Each made to look like it could be a legitimate customer looking at the site. What is your suggestion?

        Compared to the bandwidth available at their data centers a bazillion connections attempts ain't nothing at all. The problem is typically with the processing overhead to handle the connection attempts and the bandwidth consumed in giving them a fuill-blown response. All that can be mitigated with a front-end box whose job is simply to handle the 3-way tcp handshake and transmit a very light-weight page with some javascript on it that must run in order to get to the real processing heavy main page.

        You risk

        • by sjames (1099)

          That certainly does help, but javascript engines and browser libraries are widely available these days. If the javascript is TOO non-trivial, real customers with old PCs will start complaining.

          • Yep, as are most things in life, it is a trade-off. In the case of a DDOS the goal is only to weather the storm, and then go back to a less intrusive set up once the DDOSers give up.

        • by dissy (172727)

          I don't see why you would think Internet Explorer, all jokes about the browser aside, couldn't run some javascript.

          Tens of millions of infected PCs are performing the attack, and the infection is using the same rendering engine as any other of the banks customers would.
          The infected PCs are no different than the PCs their real customers use (outside of being infected), there is nothing what so ever about the two that looks any different.

          Anything they add to prevent an infected computer from doing, they will

    • Re:Someone tell me (Score:4, Interesting)

      by SecurityTheatre (2427858) on Thursday December 13, 2012 @06:20PM (#42281699)

      I worked to help a company under DDOS attack mitigate the threat.

      Their normal bandwidth usage was on the order of 400Mbps, they has about 1Gbps of capacity. They were peered to several regional NOCs that maintained about 50Gbps of connectivity, I believe. Keep in mind that 50Gbps with multiple peers costs on the order of $400,000 per year, if my math is correct.

      Well, regardless, the DDoS attacks from a single individual (who was later identified) were pushing about 60Gbps (!?!) of attack bandwidth. They not only overwhelmed the provider and their small datacenter, but the upstream NOC as well. The other issue is that the DDoS attacks were coming from a huge number of endpoints, sometimes 100,000 or more, so it was not practical to simply blacklist all of their networks, especially since many were on cable modems, or other servers in major companies that had been infected with some botnet, or otherwise.

      On the whole, a major financial institution CAN mitigate these attacks. You should note that the Bank of America website is still up.

      However, I estimate it costs them in excess of $100,000 per month to do so.

    • Why can't these financial institutions stop a DDOS? I am being serious. Why can't these be mitigated at a data center?

      DDOS isn't hard to stop. Cloud computing at a datacenter would stop it just fine. When one server goes down if the cloud is based on virtualization such as with VMWare then another instance of the OS would replace it instantly. It would make the DDOS attempts completely ineffective.

      Of course there are more details in implementing this but this problem has been solved.

      • by Discopete (316823)

        It's not a question of systems of servers going down, it's a question of overloading the targets data transmission capability. If the attacker can push move data down the line than the target can handle, then even if none of the targets systems go down, you've still disrupted their ability to do business. Even if they only are able to send 50% to 75% of a targets capacity, they have still reduced the overall effectiveness of the target and have disrupted their ability to conduct business as usual.

      • by Rogerborg (306625)
        Just so we're all clear, if your answer involves "the cloud" then you didn't understand the question.
  • by thoughtlover (83833) on Thursday December 13, 2012 @05:00PM (#42280439)

    ...and Islamic extremist hacker group Izz ad-Din al-Qassam Cyber Fighters is claiming responsibility

    Man, they really need a simpler name. A catchy logo would help, too.

  • Misdirected anger? (Score:5, Insightful)

    by fahrbot-bot (874524) on Thursday December 13, 2012 @05:03PM (#42280487)

    The group ... reiterated its demands: that a controversial YouTube video mocking the prophet Mohammed "be eliminated from the Internet."

    And these idiots think the banks are responsible and/or control the Internet and its content? - sigh

    • by sribe (304414)

      And these idiots think the banks are responsible and/or control the Internet and its content? - sigh

      Remember that some of these people live under regimes where no media is ever created without government involvement, or at least complicity.

    • one of these days, somebody is going to say fuck it, and once they find country of origin, are going to organize a targeted DDOS back to them that wipes their TLDs off the web for weeks, months, or years. maybe then we can get some international leadership to put these nitwits in a can with Prince Albert and lock them in the fridge to see how fast it's running.

    • by molecular (311632)

      The group ... reiterated its demands: that a controversial YouTube video mocking the prophet Mohammed "be eliminated from the Internet."

      And these idiots think the banks are responsible and/or control the Internet and its content? - sigh

      Maybe that's not as far from the truth as you think.

  • 'nuff said

    • Re:Fuck them (Score:5, Interesting)

      by ultranova (717540) on Thursday December 13, 2012 @05:25PM (#42280903)

      The muslims or the banks?

      Snark aside, I think we should encourage the transition from real to this kind of financial cyber-terrorism - not only does it not get anyone killed, but the targets have almost certainly deserved it many times over. Heck, harassing the banks could well end up helping the economy by hindering their ability to parasite off it.

      Two evils duking it out is great for the rest of us, who get a break from both, and some free entertainment on top of it. Make some popcorn, pop a few beers, and watch the fireworks.

      • The muslims or the banks?

        Snark aside, I think we should encourage the transition from real to this kind of financial cyber-terrorism - not only does it not get anyone killed, but the targets have almost certainly deserved it many times over. Heck, harassing the banks could well end up helping the economy by hindering their ability to parasite off it.

        Two evils duking it out is great for the rest of us, who get a break from both, and some free entertainment on top of it. Make some popcorn, pop a few beers, and watch the fireworks.

        Since the last part of your is ubiquitous here, I'm starting to wonder if people really are eating popcorn while reading articles.

  • But think about it, here we are in the second decade of the 21st century, and we have notorious cyber terrorists hacking banking systems, wrecking havoc! It's like, the future man! Johnny Mnemonic here we come! Hack the planet!
  • This story just goes to show, anyone can install and use Low-Orbit Ion Cannon, even if he or she doesn't understand how the Internet works. No matter where you fall on the "hacker" definition debate [wikipedia.org], it's pretty clear that these people aren't hackers.
  • by Animats (122034) on Thursday December 13, 2012 @05:11PM (#42280629) Homepage

    If Islam is that threatened by a badly produced video from a religious group, maybe it just needs a bigger push to bring it down.

    • by Nerdfest (867930)

      Perhaps a demonstration of Islam and Rule 34 is in order. (Actually, it most likely already exists and many of these people know of it. The hypocrisy of many religious folks is pretty spectacular at times)

  • by timeOday (582209) on Thursday December 13, 2012 @05:16PM (#42280735)
    If all they're doing is DDOS'ing websites they disagree with, they're exactly as extremist as Anonymous.
    • by EdIII (1114411)

      Not really. Anonymous either does it for the laughs, the "prestige", or just to release records that will increase government transparency or reveal corporate corruption.

      Anonymous does not hack McDonald's and then demand that Toys R Us reduce the retail price of Barbie toys by 50%.

  • by kawabago (551139) on Thursday December 13, 2012 @05:24PM (#42280871)
    At 8pm EST Dec. 13 let's all DDOS God! Repeat Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah ...
    • by HexaByte (817350)

      At 8pm EST Dec. 13 let's all DDOS God! Repeat Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah Allah ...

      Heaven.com replies: "I'm sorry but there is no one here by that name."

    • by molecular (311632)

      lol! someone upvote parent.

  • The only sensible thing is to give the video more exposure.. Anyone got a link?

  • I do a lot of business with Wells Fargo and Company. I don't see a problem here; yawn.
  • Explain to them the Streisand Effect. Then explain Babs is a Jew, and they are using Jewish tactics on the banks. Sit back and watch the circular hate shut them down.

  • ...and not know how impossible it is to remove that video from the internet?

  • As soon as governments, or those with their own means, start to kill a few of these attackers they will quickly lose much of their support. As it is now it's seen as a fairly safe way to cause some harm and feel like you are doing something on a boring Saturday night. Let a few of them be found in dumpsters and the majority of them will waste their time else where. Sure you'll always have the government sponsored professional programs going on, but say good byte to the majority of Anonymous, etc.
  • by Evtim (1022085) on Friday December 14, 2012 @03:58AM (#42285023)

    There are about a million good reasons why the banks should be attacked if not completely destroyed. That blasted movie is NOT one of them.
    I wonder if the attackers are aware that their actions in this case work exactly against their interests.

An inclined plane is a slope up. -- Willard Espy, "An Almanac of Words at Play"

Working...