“We may hope that machines will eventually compete with men in all purely intellectual fields” – Alan Turing, “Computing Machinery and Intelligence”
Alan Turing, the British pioneer of computer science, mathematician and wartime code-breaker, had hardly foreseen that machines would eventually become a major source of security threat. With the recent deluge of cyber-attacks on major U.S. banks, computer intelligence has become a rising menace for the financial industry.
The spate of cyber-attacks began with JPMorgan Chase & Co. (JPM - Analyst Report), Citigroup Inc. (C - Analyst Report) and Bank of America Corp. (BAC - Analyst Report), following which Wells Fargo & Co. (WFC - Analyst Report), U.S. Bancorp (USB - Analyst Report) as well as The PNC Financial Services Group (PNC - Analyst Report) were also hit. However, it is all the more alarming that the well-defended sites of these banking majors have suffered connection problems under the yoke of the recent attacks.
What the fantasy world of Hollywood films depicts cyber-crimes to be is far from reality. But the massive security issue has become the focus of many a White House meeting in the last few months.
The Obama administration is circulating a draft executive order that will devise a program to safeguard important computer networks from cyber-attacks. Earlier, the Senate failed to advance the existing cyber-security laws and the administration is considering using the executive order because there is uncertainty whether a bill related to cyber-security can be passed by Congress.
What is surprising is that these attacks have breached some of America’s highly sophisticated computer defenses and exposed their susceptibility. Unknown attackers flooded bank websites with massive data streams, making them unavailable to customers and halting operations for hours.
The method is known as the distributed denial-of-service (DDoS), which often directs a huge amount of traffic from hacked computers to the targeted websites. The volume of Internet traffic that has been directed at these sites was such that most caused a breakdown of powerful servers.
According to The Christian Science Monitor, in Sept 2012, security firms supervising internet traffic noticed a sudden surge of "junk" data directed at BofA’s site, which became a torrent of about 65 gigabytes of information per second. That is roughly 15-30 times more than what is usually seen in cyber-attacks. The attacks in 2013 carry a striking resemblance to this, except that it involved advanced technical sophistication.
Though the U.S. administration is still at a loss to identify the attackers, speculation is rife over the perpetrators being Iranian hackers. The attacks reflect a possible cyber-war between the U.S. and Iran, originating partly from the U.S.’s unleashing of the Stuxnet malware against Iran's nuclear facilities.
Recent Counteracting Initiatives
Countries and corporations are tightening Internet security in order to tackle cyber-crime, developing strategies to upgrade government computer systems and expand cooperation with other countries. Efforts to improve coordination within the private sector are also rising.
With increasing spending from government and large enterprises, we believe companies such as EMC (EMC - Analyst Report), Symantec (SYMC - Analyst Report) and McAfee, a subsidiary of Intel (INTC - Analyst Report) would be encouraged to develop new and innovative products to counteract these attacks. EMC recently announced its intention of spending on acquisitions with security, the other priority besides storage. We believe this policy will boost EMC’s dominant position in the cyber security market over the long term.
While mere listing and coding of security loopholes may not be the answer to hacking, it should serve as a stepping stone toward solving the extremely complex situation. Training and know-how on security matters are extremely crucial since users often unknowingly guide hackers through their actions.