Capital One Financial Corp. told Bloomberg’s Businessweek that its online banking services had been temporarily disabled on Tuesday but that no customer and account information was ever at risk.
The ‘Mrt. Izz ad-Din al-Qassam Cyber Fighters’ took credit for the attack on the text-sharing site Pastebin, where they also announced their intention to attack Regions Bank and SunTrust. This is the same group that claimed responsibility for attacks on other major financial institutions including PNC, Wells Fargo, J.P. Morgan Chase & Co. and Bank of America among others. They claim the attacks are a retailiation to the infamous “Innocence of Muslims” Youtube video that has reportedly been the catalyst for a number of protests across the Muslim world.
However, experts have noted that the attackers are using encrypted data to bypass the bank’s firewalls and other security measures.
Phil Lerner, VP of Technology at Stonesoft explained via email that encrypting the data stream allowed the attackers to evade any data security controls including the firewall, and, in turn, disable services at Capital One.
Lerner said the attack was a hallmark of data obfuscation and that it could very well be the first public example of what he called an advanced evasion technique (AET) attack targeting a financial institution.
“While this attack has been noticed because of its impact,” Lerner wrote, “many AET attacks leave no trace to current management and monitoring systems, logs or reporters – leaving the devices blind and creating an illusion of security. For this reason, cyber attackers are using AETs more and more.”