Banking Blog

Finance Blogs » Banking Blog » Banks ask feds for cyber help

Banks ask feds for cyber help

By Claes Bell ·
Friday, January 18, 2013
Posted: 6 am ET

After a months-long campaign of hacker attacks on bank websites, and word that the attacks might be sponsored by the government of Iran, the banking industry is now looking to Uncle Sam for help.

From Siobhan Gorman and Danny Yadron of The Wall Street Journal:

Financial firms have spent millions of dollars responding to the attacks, according to bank officials, who add that they can't be expected to fend off attacks from a foreign government.

Defense officials have said Iran's government is behind the assault. Officials from several affected banks, including PNC Financial Services Group Inc., SunTrust Banks Inc. and BB&T Corp. are urging the U.S. government to stop or mitigate the attacks, according to investigators.

The outcry is particularly significant from an industry that usually seeks to keep the government at arm's length. Financial-services groups opposed a legislative effort last year to establish cybersecurity standards for key private-sector businesses, saying it could undermine protections already in place.

"The financial sector has historically been so sophisticated and organized in its security approach," said Kiersten Todt Coon, a former staff member on the Senate Homeland Security and Governmental Affairs Committee and now president of Liberty Group Ventures LLC, a risk-management firm. "When they choose to go to the government, that shows how strong the severity of this threat is."

It's probably a little nerve-racking for bank customers to hear their banks are seeking help from defense officials against what may be state-sponsored cyberterrorism. But as Gorman and Yadron note, as far as we know, the hackers in question haven't actually been able to crack open bank databases and grab consumers' data.

As I wrote a few months ago, so far, the attacks have been limited to advanced versions of an old hacker favorite: the distributed denial of service attack. DDoS attacks, as they're known, simply flood a website with "clicks" until they're forced to shut down. As a result, all they've managed to do is inconvenience customers doing their banking and inhibit banks' ability to do business by making banks' websites inaccessible. That's definitely not optimal, but at least for customers, it's not the end of the world, either.

Of course, there's a risk the hackers, who appear to be very well-funded, will change tactics and manage to access more critical bank networks, at which point customers could be seriously harmed. But as of today, these attacks are a bigger problem for your bank than they are for you.

What do you think? Should the federal government help the banks fight off these cyberattacks? Do you worry about hackers getting access to your money?

Follow me on Twitter: @ClaesBell.

Bankrate wants to hear from you and encourages comments. We ask that you stay on topic, respect other people's opinions, and avoid profanity, offensive statements, and illegal content. Please keep in mind that we reserve the right to (but are not obligated to) edit or delete your comments. Please avoid posting private or confidential information, and also keep in mind that anything you post may be disclosed, published, transmitted or reused.

By submitting a post, you agree to be bound by Bankrate's terms of use. Please refer to Bankrate's privacy policy for more information regarding Bankrate's privacy practices.
March 11, 2013 at 9:02 pm

The Government has many other things to do with its money. They have services for secutiry issues like this one. There are busineess all over the country whom pay for this service. The Govnt is not resposible to pay for everything we have wow..

January 18, 2013 at 12:29 pm

Well I hope that these attacks (if they are real) wont be the excuse given when the dollar collapses and the big banks are held to the fire for derivatives exposure that some say are upwards of 250 trillion. These mega banks are looking for a way out of their predicament but I predict they will have to be dissolved.

January 18, 2013 at 11:58 am

Welcome to warfare in the 21st Century. If you can't physically fight someone, Destroy their financial backbone, infrastructure, etc., all from the other side of the world sitting at a computer. The rest will follow. It is in the countries best interest to protect the US financial system. Without that, the country will go broke.

Tom H – Seattle
January 18, 2013 at 11:39 am

The banks have plenty of money and resources to fight these efforts. They could kick in some of the bonus money they dole out to their execs. Small government -- yeah, right!

Ken G
January 18, 2013 at 11:33 am

I agree with the other Ken, this is on the banks to fix, not the US government. Can I ask the US Government for help if I ever get hacked or get my identity stolen? The answer is no, in fact I'd probably be laughed at for even asking. The banks have made enough money, time to pay someone to fix the problem, not get any more bailouts.

January 18, 2013 at 11:26 am

If the banks don't get the help they need and the attacks continue, I'll be interested to see if the US government tacitly approves a private banking initiative to turn the tables on another state (Iran) and hack in self defense. I'm sure they could find talented people for hire willing to help.

January 18, 2013 at 11:00 am

I understand seriousness of cybersecurity and the Government dos have to to lead the charge. What is frustrating to me is the fact that the financial sector and the far right want the Government out of their business with no oversight but when they have serious problems they run tothe Government. Lets hope they learn their lesson, work with the Government and understand, as well, that they will be expected to pay for that cyber protection!