ECB Confirms Hacker Attack And Shuts Down One Of Its Websites

By   ISBuzz Team
Writer , Information Security Buzz | Aug 19, 2019 04:50 am PST
The European Central Bank (ECB) confirmed it suffered a breach that involved attackers injecting malware which led to a potential loss of data, and forced ECB to close down its Banks’ Integrated Reporting Dictionary (BIRD) website until further notice.

Notify of
4 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
Laurie Mercer
Laurie Mercer , Security Engineer
August 19, 2019 1:07 pm

While cyber attack simulations using red teams like the ones the European Central Bank deployed are good in theory, they are limited in scale and not nearly comprehensive enough to conduct a thorough assessment of third-party risk. Hacker-powered security, or crowd-sourced security, can provide that degree of scalability due to the number of hackers involved in continuous testing of an organization’s attack surface.

Last edited 4 years ago by Laurie Mercer
Bryan Becker
Bryan Becker , DAST Product Manager and Security Researcher
August 19, 2019 1:05 pm

ECB’s statement claims only contact information was stolen, which almost seems tame in 2019. The scary part is that this breach happened in 2018 but was only recently noticed because of system maintenance. This isn’t that unexpected, though, as the average time for organisations to detect a breach is around 200 days, and around 160 days for the financial sector (which is the second best of all industries!). This just shows how much more difficult it is to handle security reactively than it is to be proactive about it.

Last edited 4 years ago by Bryan Becker
Tony Pepper
Tony Pepper , CEO
August 19, 2019 12:59 pm

The financial services sector is frequently targeted by malicious attackers, due to the nature of the data it receives, shares and manages. The European Central Bank (ECB) is the latest victim, with hackers installing malware that’s thought to have collected email addresses and other details from its Banks’ Integrated Reporting Dictionary (BIRD) website.

It’s important the 481 BIRD subscribers who have had their details compromised be extra vigilant going forward. The compromised email addresses that have been taken from the server could be used in future phishing attacks by malicious actors, enabling them to gain further pieces of personal data or trick recipients into downloading malware to their systems.

These subscribes should be on the lookout for any message that seems suspicious, for example using incorrect branding or poor grammar. In addition, they shouldn’t click on any suspicious links contained in these emails; instead, they should hover their mouse over it to see if the address matches the link displayed or if possible, open the site via another window.

Last edited 4 years ago by Tony Pepper
Ilia Kolochenko
Ilia Kolochenko , Founder and CEO
August 19, 2019 12:55 pm

The breach and its consequences are minuscule compared to most of the other breaches that have occurred in 2019. However, the nature of the breach and the time it took to detect it are quite alarming. The question is how many more breaches of ECB and its externalized systems have not yet been discovered, and what will the impact be.

Third-parties with unknown volumes of sensitive data are the Achilles’ Heel of holistic cybersecurity. Organizations should ensure a comprehensive visibility and up2date inventory of their digital assets, as you cannot protect what you are can’t see. Third-party risk management including verification of how do they enforce applicable data protection policies is another vital though widely ignored task. Finally, a continuous security monitoring should be implemented for all public-facing web applications hosted internally, externally or in the cloud.

Last edited 4 years ago by Ilia Kolochenko

Recent Posts

Would love your thoughts, please comment.x