Bank of Spain Reveals Its Website Suffered a DoS Attack | Cyber Security

On Aug 29, 2018

How AI, Machine Learning, and Endpoint Security Overlap

Apr 17, 2021

11 Useful Security Tips for Securing Your AWS Environment

Apr 7, 2021

The Bank of Spain revealed that bad actors used a denial-of-service (DoS) attack to temporarily disrupt access to its website.

On 27 August, a spokesperson for Spain’s central bank disclosed the attack. They clarified that that incident didn’t affect the Bank’s services or its communications with other institutions including the European Central Bank, an institution from which digital attackers stole customer data back in 2014 as a means of extortion. The spokesperson also made clear that the Bank of Spain, the national supervisor Spain’s banking system and a member of the European System of Central Banks, was at no risk of a data breach as a result of the attack.

“It is a denial of service attack that intermittently affects access to our website, but it has had no effect on the normal functioning of the entity,” the spokesman said, as quoted by Reuters.

The Bank of Spain represents the latest organization in the banking industry to be targeted by digital attackers. In May, online malefactors abused a software vulnerability to transfer more than 300 million pesos (over US $15 million) out of Mexican banks. That was just a few months before malicious hackers planted malware on an automated teller machine (ATM) server belonging to an Indian bank as part of a criminal scheme which saw the theft of nearly 944 million rupees (US $13.5 million) in a coordinated attack across 28 countries.

The campaigns discussed above, including the DoS attack against the Bank of Spain’s website, illustrate bad actors’ ongoing interest in targeting financial institutions. Fortunately, organizations in financial services can protect themselves against these threats by investing in a robust digital security solution. Tripwire’s products, for example, can help financial organizations strengthen their security to maintain continuous availability of services, automate their compliance with relevant data protection standards and use security controls to defend against digital attacks. Learn more here.