Excerpts: Iran cyber attacks U.S. banks. Iran says 'no' to site access 10
+++Naharnet (Lebanon) 10 Jan’ ’13:” Irab Blamed for Cyber Onslaught on U.S.
Banks”, Agence France Presse
SUBJECT:Iran cyber attacks U.S. banks
QUOTE:” ‘There is no doubt within the U.S. government that Iran is behind
these attacks ‘ “, Agence France Presse
U.S. financial institutions are being pounded with high-powered cyber
attacks that some suspect are being orchestrated by Iran as payback for
"There is no doubt within the U.S. government that Iran is behind these
attacks," James Lewis, a former official in the state and commerce
departments and now a computer security expert at the Center for Strategic
and International Studies, told the New York Times.
While the identities of those behind the online onslaught officially remain
a mystery, it was clear they were using a potent new weapon for slamming
bank websites with overwhelming numbers or requests for information.
The attackers infected datacenters used to host services in the Internet
"cloud" and commandeered massive computing power to back distributed denial
of service (DDoS) attacks, according to security experts.
DDoS attacks have been a basic hacker weapon for quite some time, but they
have typically involved using armies of personal computers tainted with
viruses and coordinated to make simultaneous requests at targeted websites.
"They are essentially going from a pistol to a cannon," Radware vice
president of security solutions Carl Herberger said of cyber attackers using
datacenters. "That was one major achievement."
The top 20 U.S. banks on Wednesday[9 Jan.] were being hit with a third wave
of attacks, each of which has been preceded by a claim of responsibility by
a group calling itself Izz ad-Din al-Qassam Cyber Fighters.
The attacks began in September of last year, according to Radware, which
specializes in commercial computer security and has been investigating the
"The landscape we are seeing is essentially a persistent industry sector
attack that is unprecedented," Herberger said.
"There have been a number of lulls in cyber fighting, with waves concluded
Attackers have shrewdly tailored requests to target encrypted pages or data,
which are more complicated to process and therefore tax websites more,
according to Radware.
"The world of DDoS is about consuming resources fast; however you can get
inside an encrypted algorithm you can multiply your effect," Herberger said.
"It is a wonderful tool from a perpetrator's perspective."
Such requests are particularly nefarious because encrypted exchanges are
often shielded from security software intended to guard against attacks.
It appeared that no money was taken in the attacks, but Herberger warned
that the full extent of the damage had yet to be assessed.
He described how hackers sometimes use DDoS attacks to trigger fail systems
that can sometimes allow invaders to get to data.
"I call it the battering ram effect," Herberger said. "They literally batter
in the front door; that is a really dark side of this world."
Attacks on banks could also be test runs for assaults on other business
sectors or even smart systems controlling vital infrastructure.
"Let's suppose this is state sponsored," Herberger proposed. "Could these
not be dry runs? If the banks are permeable what is the likelihood that
other systems are?
John Bumgarner of the U.S. Cyber Consequences Unit, a non-profit group that
studies the impact of cyber threats, cautioned against rushing to assign
blame for the attacks.
"These attackers are using the anonymity of the cyber space to mask who they
are," Bumgarner said. "There is not irrefutable evidence that the Iranian
government was responsible."
+++SOURCE:Jordan Times 10 Jan.’13:”Tehran dents UN nuclear watchdog hopes of
access to key site”, Agence France Presse
SUBJECT:Iran says ‘no’ to site access
QUOTE:”Iran ,,, would not agree to any inspections beyond those of declared
nuclear sites required by the NonProliferation Treaty (NPT)”-
TEHRAN — Iran on Wednesday poured water on the UN nuclear watchdog’s hopes
of securing access in talks next week to a military complex where suspected
past research intro atomic bomb triggers might have been carried out.
Iranian Atomic Energy Organisation Freydoon Abbasi Davani said Tehran would
not agree to any inspections beyond those of declared nuclear sites required
by the Non-Proliferation Treaty (NPT).
“Our talks with them will be based on laws and regulations and based on the
rights of our nation,” Abbasi Davani told state television. “We will not
accept anything more than what is in the NPT.”
For the past year, the International Atomic Energy Agency has been trying to
reach agreement with Iran on a “structured approach” to allow inspectors to
conduct spot checks on sites not covered by the treaty.
Foremost among those is the Parcaccesshin military complex outside Tehran, a
non-nuclear site where the IAEA suspects Iran may have conducted past tests
of conventional explosives that could be used to detonate an atomic bomb.
After a visit to Tehran last month, IAEA chief inspector Herman Nackaerts
said he was confident that an agreement could be finalised at next Wednesday’s
talks and that access to Parchin would be “part of” it.
He had expressed similar optimism in December 2011, only for his hopes to be
dashed early last year.
Abbasi Davani said that Iran remained ready to answer any concerns the
watchdog had, provided it was given the intelligence on which they were
“We will try to resolve any question marks the IAEA has that have been put
to them by foreign intelligence services. But, for us to do so, the IAEA
must give us the documentation and evidence so that we can study them,” he
The IAEA wants Iran to address substantively a mass of what the agency calls
“overall, credible” evidence set out in a major 2011 report that Iran did
weapons research up until 2003, and possibly since then.
Iran denies seeking or ever having sought nuclear weapons, and rejected the
alleged evidence outright in a series of meetings with the IAEA last year.
Much of the information on the alleged weapons research comes from foreign
intelligence agencies, including from arch foe Israel, the Middle East’s
sole if undeclared nuclear-armed state which has threatened to bomb Iran.
The IAEA has zeroed in on Parchin because its information on activities
there is “independent”, such as from commercially available satellite
imagery, and from an unidentifed “foreign expert”.
Iranian foreign ministry spokesman Ramin Mehmanparast had hinted that access
might be granted to Parchin, but only once a “comprehensive agreement” with
the watchdog has been reached
Sue Lerner - Associate, IMRA