Reuters reported that Ally may be the latest bank targeted by Mideast cyberattacks. According to the Reuters article, Ally has "confirmed it was monitoring unusual activity on its web site." It appears Ally has been able to handle the attack. The Ally spokeswoman told Reuters that "There has been no customer impact related to unusual activity, and there is no indication of security concerns pertaining to customer information." I've been able to access Ally Bank's website without problems in the last couple of days.
Earlier this week, Capital One and BB&T confirmed being hit by these attacks. Today, a reader posted in the forum that he has been unable to login into his Discover account. I have not yet seen any news reports about Discover Bank being attacked.
Reports of cyberattacks against major U.S. banks began in September. As I described in September, these attacks are what are called distributed denial-of-service (DDoS) attacks in which hackers can overload websites and make them inaccessible by others. There have been no reports that customer accounts have been compromised.
The latest reports from U.S. officials have indicated that the hackers have been supported by the Iranian government. Iran may be retaliating against sanctions that have hit its economy.
There are concerns that the banks are not adequately communicating the problems they have been experiencing. This WSJ article reviews the issue and describes cases in which Wells Fargo and Bank of America customer support were clueless about the recent disruptions.
The WSJ article also warns that these DDoS attacks may portend more serious threats:
Such attacks may appear like victimless crimes, but they sometimes augur more serious breaches because they occupy engineers' attention and give attackers insight into how companies' systems work.
One reader commented in my last post about how denial of service attacks have sometimes been combined with a redirection attack. In this case, online banking customers could be redirected to a hacker's site that looks like the login page of their bank. This kind of attack is called pharming. The popular website Consumerist was recently offline for almost a week after hackers were able to redirect Consumerist pages to spam websites.
I have not heard recent reports of any pharming attacks on the banks, but it's a good idea to be aware of this threat. That's one reason why banks in the last few years have added additional steps to their login process in which they will display a predefined phrase or image known by the customer before the customer is asked to enter his/her password. Bank of America calls this SiteKey. It's a good idea to be on the lookout for anything suspicious while you're logging into your online bank accounts.