Banco de España website was temporarily offline
The central bank of Spain says that its website remained offline intermittently, as it had trouble repelling a distributed denial of service (DDoS) attack. However, Banco de España mentions that the DDoS attack had no effect on the organization’s operations, also mentioning that the communication with the European Central Bank was not affected and that there is no evidence to suggest a data breach.
A bank spokesman stated: “We suffered a denial of service attack that intermittently affected access to our website, but had no effect on the normal functioning of the entity. As we are Spain’s central bank, not a commercial bank, we do not offer banking services, either on the site or online, to individuals or companies”.
Cyber security organization experts believe that the Banco de España attacks are a reminder of how relatively easy it has become to deploy DDoS attacks on demand. Several websites are offering the so-called stresser/booter services that allow anyone to request a DDoS attack. Such attacks are deployed by the admins of these services through bots-infected PCs.
Arrests keep going
Police agencies continue to hunt stresser/booter services providers. In April, the European police announced that it had seized Webstresser.org, site considered the largest supplier of the world of DDoS services. Cyber security organization experts from the International Institute of Cyber Security estimate that the site had 136 million registered users and had launched more than 4 million attacks on websites, from banks and government agencies to Police forces and online gaming sites. As part of the operation, six of the alleged site administrators were also arrested in the United Kingdom, Croatia, Canada and Serbia.
Cost of attacks
Cyber security organization experts reported last year that a Russian supplier was trading with DDoS attack services, offering deployments in figures from $50 USD per day. But some vendors offer attacks for only $10 USD an hour; on the other hand, some services offer a week-long attack for as little as $500 USD.
The attackers’ favorite targets
Although estimations of the industries that suffer most from DDoS attacks vary depending on several factors, experts in cyber security organization agree that the major service providers affected by DDoS attacks are financial sector companies, cloud storage and hosting services, and the telecom industry. In addition, over the first half of 2018, nearly 2 million attacks on organizations around the world have been registered.