News & Comment: Bank of Spain Hit by DDoS Attack


Spain’s central bank says its website was intermittently offline as it struggled to repel a distributed denial-of-service attack. The temporary disruption is a




Andrew Lloyd, President, Corero Network Security

“Worryingly, as of right now (Tuesday afternoon local time), their website ( remains offline despite the attack having started on Sunday.  Whether this is as a result of an ongoing attack, recovering from any resulting damage or as a precaution pending a forensic investigation is not clear.

The recent guidance from the Bank of England (BoE) requires banks to have the cyber-resilience to “resist and recover” with a heavy emphasis on “resist”.  The BoE guidance is a modern take on the old adage that “prevention is better than cure”.  Whatever protection the Bank of Spain had in place to resist a DoS attack has clearly proven to be insufficient to prevent this outage.

Corero continues to recommend that banks and other financial institutions invest in real-time protection that can detect and instantly mitigate attacks before they compromise systems and impact customer service.”