Prosecuting a Cyberattack

March 14th, 2017

Five years ago, dozens of the nation’s biggest banks became targets of a sustained cyberattack on the financial infrastructure of the United States. The attacks began sporadically in December 2011, but then escalated—by September of the next year, they occurred on a near-weekly basis, frequently making it impossible for hundreds of thousands of customers to access their accounts online and forcing 46 financial institutions to spend tens of millions of dollars to keep their websites up and running.

It soon became clear who was behind the so-called distributed denial of service attack, or DDoS, which harnessed an extensive network of compromised computers to overwhelm the banks’ servers with a flood of traffic. It was a small group of employees at two computer companies based in Iran and working in part at the behest of the Iranian government, according to the indictment. They were retaliating for a series of cyberattacks on their own systems, according to news reports, which the United States and Israel had unleashed to slow the progress of Iran’s nuclear program.

U.S. law enforcement agencies made their move three years later... To read this article in its entirety and get the full interactive experience of the digital magazine, download the app today!

John Maxfield is a writer and contributor to Bank Director.