DDoS Protection

Bank of Spain Hit by DDoS Attack

Website of Spain's Central Bank Was Temporarily Offline
Bank of Spain Hit by DDoS Attack
Metro station "Banco de España" in Madrid (Photo: Pedro Belleza, via Flickr/CC)

Spain's central bank says its website was intermittently offline on Monday as it struggled to repel a distributed denial-of-service attack.

See Also: Protecting Financial Institutions from DDoS Attacks

But Banco de España says the DDoS disruption didn't have any effect on the organization's operations. It said communications with the European Central Bank were unaffected and that there was no evidence that it had suffered any type of data breach.

"We suffered a denial of service attack that intermittently affected access to our website, but it had no effect on the normal functioning of the entity," a spokeswoman tells Information Security Media Group. "As we are the national central bank of Spain, not a commercial bank, we offer no banking services - on-site or online - to individuals nor firms."

As of Tuesday, the bank says its website has been functioning normally

News that Banco de España's website had been disrupted by a DDoS attack on Monday was first reported by Reuters.

The intermittent disruptions of the Banco de España website are a reminder that procuring DDoS attacks, while illegal, remains relatively easy. A number of websites continue to offer so-called "stresser/booter" services that allow anyone to order up a DDoS attack. Such attacks are typically delivered by stresser/booter service administrators via bot-infected PCs.

Ongoing Arrests

Law enforcement agencies continue to disrupt stresser/booter service providers (see Teen Hacker Avoids Jail Over On-Demand DDoS Attacks).

In April, police in Europe announced that they had seized Webstresser.org, believed to be the world's largest provider of DDoS-on-demand services. Authorities said the site boasted 136 million registered users and had launched more than 4 million attacks against websites - ranging from banks and government agencies to police forces and gaming sites. As part of the takedown, six of the site's suspected top administrators were also arrested in the United Kingdom, Croatia, Canada and Serbia (see Police Seize Webstresser.org, Bust 6 Suspected Admins).

The EU's law enforcement intelligence agency, Europol, also reported that some of the site's suspected top users were arrested in Australia, Canada, Croatia, Hong Kong, Italy, the Netherlands, Spain and the U.K.

Despite such disruptions, however, Darren Anstee of Arbor Networks says a number of rival stresser/booter services remain, and it's unlikely there will be any downturn in DDoS-on-demand attack volume (see Life After Webstresser Disruption: No DDoS Holiday).

Rock-Bottom Attack Costs

Last year, Kaspersky Lab reported that one Russian language provider was marketing a DDoS-on-demand service for $50 per day.

But some offer attacks for as little as $10 per hour, according to security firm Armor's review of cybercrime forum and darknet offerings, published earlier this year. It said some services were advertising a week-long attack for as little as $500.

Last year, the FBI urged organizations that have been targeted with DDoS attacks - which are sometimes accompanied by extortion attempts - to come forward, so law enforcement agencies could glean better intelligence on such attacks.

Top DDoS Targets

DDoS defense firms have different perspectives on which industries are most targeted by such disruptions, most likely stemming in part from the different types of industries they serve.

Arbor Netscout, in a report that reviews DDoS attacks it tracked in the first half of this year, says the top five targeted verticals were:

  • Wired communications carriers (793,377 attacks);
  • Telecommunications (491,314 attacks);
  • Data processing, hosting and related services (316,395 attacks);
  • Wireless telecommunications carriers (157,388 attacks);
  • Software publishers (44,724 attacks).

Meanwhile, DDoS defense provider VeriSign reports that in the first quarter of this year, the most-targeted sector was financial services, which accounted for 57 percent of its mitigation activity. That was followed by IT services firms (26 percent of its mitigation activity) and telecommunications (17 percent).

Source: VeriSign

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.