By Filipe Pacheco

BRAZILIAN BANKS ARE KNOWN INTERNATIONALLY for their sharp technology teams, whose expertise is exported to the five continents. The national financial IT industry is considered globally to be leading-edge. Every year São Paulo hosts one of the world’s biggest events of the financial tech industry, gathering some of the biggest players of that market (such as HP, Intel, EMC, Stefanini, Tivit, and BRQ) in one week-long fair called Ciab. It attracts nearly 20,000 people from all over the world who come looking for the latest innovations in banking and financial-transactions technology.

But last week all this technical superiority and experience was challenged by a group of hackers.Considering that background, it’s not really surprising that a group of hackers – in this case named Anonymous Brasil and who claim to be a Brazilian branch of the nebulous international group Anonymous – decided to try to breach all that stalwart IT infrastructure.

On Monday (January 30th) the group announced through Twitter and Facebook what they called “#OpWeeksPayment” – during which they would attack the websites of five different banks, at a time when they had the most traffic. (The first week of the month is usually when the government and many companies pay their employees.)

First to be hit was Itaú, which was shut down for a few hours on Monday. Then, on Tuesday, the target was the site of Bradesco – the biggest private bank in the country, and which was releasing its annual earnings for 2011 that day. Its site stayed offline for at least two hours.

On Wednesday the Anonymous group made attempts to shut down Banco do Brasil, a public bank and the one with most clients in the country. It was the day of payment for many federal employers, including the navy and the air force.

Since the threat had been announced two days earlier, Banco do Brasil said publicly that it was preparing its servers and that technicians were reinforcing all systems. According to the bank, the services were never completely shut down, but that an “instability” of the website was noticed in the morning.

Thursday and Friday were the days to target the sites of HSBC (Brazilian and global corporate pages), Citibank (Brazilian page and citibank.com), Caixa Econômica Federal, Banco Panamericano, Banco BMG, and the Brazilian Central Bank.

The hackers said they were protesting “against the several different kinds of inequality seen in the country.” They stated, through the social platforms, that their objective was not money, so they would not be hacking clients’ accounts or banks’ internal systems.

Analysts from different security companies said they had evidence that the hackers used Denial-of-Service attacks, a well-known method also reportedly used abroad by Anonymous to shut down pages of different entities for practices they object to. In theory, a DoS attack could be used to keep a site’s users from accessing their accounts or other services.

None of the banks has publicly said the problems with their websites were a consequence of the attacks claimed by the hackers. Basically all of the IT teams said that a huge number of access attempts were made and recognized, something like a virtual “bombing of the page.”

Bradesco said that its website typically operates at an average of 40% of its capacity but on he day of the attack it reached 100%. Itaú said its problem was similar, but has not given a clear estimate of how big the damage might be. Apparently no clients were harmed at any of the banks besides the inconvenience of not being able to access the website when desired.

At the end of the day on Friday, the hackers “thanked the patients” through Twitter and said the operation was officially over. If the attacks are actually over is still hard to say, since you might not completely trust those who do not reveal themselves. But one thing is clear: IT directors will have plenty to discuss at the next edition of Ciab in June.