How a DDoS campaign became an act of cyberwar

In September 2012, US banking websites started picking up floods of fake traffic. It was a denial-of-service (DDos) campaign, waged more or less weekly. It went on for month after month, always hitting in the middle of the week, during normal business hours. Under other circumstances, it could have been taken as a hacktivism campaign, akin to similar actions from Lulzsec or other Anonymous branches. The attacks were all simple floods of traffic, nothing sophisticated or technically demanding. While they certainly made life difficult for a number of network managers, the end result was never more serious than a service interruption in customer-facing online banking sites.

But as it turned out, this flood of traffic was coming from Iran, which pushed this DDoS campaign onto the world stage. US attorneys unsealed an indictment against seven Iranians for "Cyber Attacks against the US Financial Sector." According to the indictment, the attacks were carried out on behalf of the Iranian government and its Islamic Revolutionary Guard Corps, a prime example of the politics of cyberwar. One of those attackers had claimed credit for a previously reported infiltration of a small dam in upstate New York, making these the first public charges for digital attacks on critical US infrastructure.