Banking institutions being subjected to cyberattacks is not new. Hackers have used ATMs in the past to get to the main servers of some of the biggest financial institutions and cause damage.
The latest to suffer is the Bank of Spain, which reported earlier last week that its website was down following a cyberattack that took place.
The site remained intermittently down, though the bank officials claim that the services of the bank have not been seriously affected.
It was revealed on Twitter that Catalan members of the international hackers collective Anonymous had been behind the attack, sharing updates on the operation with tweets tagged #TangoDown.
Mobilizing under the campaign #OpCatalonia, the motivation of Anonymous Catalonia was to protest Spain’s detention of Catalan political figures who are leading the region’s separatist movement.
The campaign has been ongoing since last October in response to Catalonia’s independence crisis.
DDoS the Nature of Attack
Among the kinds of cyberattacks mounted by hackers on such networks in banks or other organizations, distributed-denial-of-service (or DDoS) is a very common one.
This is different from ransomware attacks, where the hacker steals information from the targeted website and then demands that the victim pay an amount to release the data.
In the case of DDoS attacks, there may or may not be a demand for payment, but on occasions the hacker could be simply sending out a message that the website has vulnerabilities.
In this case, though, the message was a political one by Anonymous Catalonia, as reflected in tweets using the hashtag #OpCatalonia.
The GDPR Threat Hanging over European Firms
The Bank of Spain was quick to issue a public statement that there has not been any breach of data on its website.
This is understandable since the regulations imposed in the European Union are quite worrisome for website owners.
According to the General Data Protection Regulation (or GDPR), websites holding personal data of the public at large need to ensure that their sites provide all the protection needed to keep the data safe and secure.
And if any data breaches occur, the firm owning the website can be fined heavily, with penalties going up to €20 million.
Naturally, the European companies and other firms which operate in Europe are quite concerned about this new law and have put in place the best cybersecurity environment they can.
Website Vulnerabilities and DDoS Threats
Considering all these, the Bank of Spain was able to get its systems back in uninterrupted operation at the earliest.
The bank has said that even with the DDoS attack, its communications with the European Central Bank had not been disrupted.
The incident could serve as a timely warning to other banks and institutions to check their systems for any vulnerabilities.