3 more major US banks report possible cyber attacks

U.S. Bank and PNC reported problems with their customer websites Wednesday after a financial services security group warned about possible cyberattacks. Meanwhile, SecurityNewsDaily reported that on Tuesday, Wells Fargo may have also been the victim of a sophisticated campaign of distributed denial-of-service (DDoS) attacks.

These reports follow last week's attacks, which affected JPMorgan Chase and Bank of America.

U.S. Bank spokesman Tom Joyce told the Associated Press that some customers experienced intermittent delays. He said the bank was working to fix the problem and was working with law enforcement.


A spokesman for PNC, Fred Solomon, told AP its online operations were mostly normal but some customers had trouble accessing on their first try. He said the bank was aware of a similar threat for Thursday and was taking precautions.

In all three cases, each bank received hundreds of complaints from users who could not access their sites. Although Chase and Bank of America stopped short of declaring that they'd been victims of an attack, security experts and at least one politician made the assertion for them.

The U.S. Bank spokesman told AP that the issue appeared to be related to problems at the other banks in the past week.

Last week, the Financial Services Information Sharing and Analysis Center, an industry group, raised its cyber threat level to "high" from "elevated" because of potential cyber attacks.

Sen. Joe Lieberman, I-Conn., told C-SPAN last week he believed Iran was behind the Chase and Bank of America attacks.

National security officials told NBC News that the continuing bank cyber attacks last week were being carried out by the government of Iran. One of those sources said the claim by hackers that the attacks were prompted by the online video, "Innocence of Muslims" — mocking the Prophet Muhammad — was just a cover story.

The attack was described by one source, a former U.S. official familiar with the attacks, to NBC News, as being "significant and ongoing" and looking to cause "functional and significant damage." Also, one source suggested the attacks were in response to U.S. sanctions on Iranian banks.

But over the weekend, Iran denied its hackers were involved in the bank attacks, the semi-official Fars news agency reported. 

The hacking of websites and corporate networks at Bank of America, JPMorgan Chase and Citigroup began in late 2011 and escalated this year, people familiar with the situation told Reuters.

"We officially announce that we haven't had any attacks," Gholam Reza Jalali, head of Iran's civil defense agency, told Fars, when asked about the report.

Dmitri Alperovitch, chief executive officer of security company CrowdStrike, told the Wall Street Journal Wednesday that the "attack" on Wells Fargo was larger than most he's seen.

"The amount of bandwidth that is flooding the websites is very large, much larger than in other attacks, and in a sense, unprecedented," he told the newspaper.