ECB Confirms Hacker Attack And Shuts Down One Of Its Websites

The European Central Bank (ECB) confirmed it suffered a breach that involved attackers injecting malware which led to a potential loss of data, and forced ECB to close down its Banks’ Integrated Reporting Dictionary (BIRD) website until further notice.

EXPERTS COMMENTS
Laurie Mercer, Security Engineer,  HackerOne
August 19, 2019
Hacker-powered security, or crowd-sourced security, can provide that degree of scalability due to the number of hackers.
While cyber attack simulations using red teams like the ones the European Central Bank deployed are good in theory, they are limited in scale and not nearly comprehensive enough to conduct a thorough assessment of third-party risk. Hacker-powered security, or crowd-sourced security, can provide that degree of scalability due to the number of hackers involved in continuous testing of an organizatio ....
[Read More >>]
Bryan Becker, DAST Product Manager and Security Researcher,  WhiteHat Security
August 19, 2019
The scary part is that this breach happened in 2018 but was only recently noticed because of system maintenance.
ECB’s statement claims only contact information was stolen, which almost seems tame in 2019. The scary part is that this breach happened in 2018 but was only recently noticed because of system maintenance. This isn’t that unexpected, though, as the average time for organisations to detect a breach is around 200 days, and around 160 days for the financial sector (which is the second best of a ....
[Read More >>]
Tony Pepper, CEO,  Egress
August 19, 2019
It’s important the 481 BIRD subscribers who have had their details compromised be extra vigilant going forward.
The financial services sector is frequently targeted by malicious attackers, due to the nature of the data it receives, shares and manages. The European Central Bank (ECB) is the latest victim, with hackers installing malware that’s thought to have collected email addresses and other details from its Banks’ Integrated Reporting Dictionary (BIRD) website. It’s important the 481 BIRD subscr ....
[Read More >>]
Ilia Kolochenko, Founder and CEO,  ImmuniWeb
August 19, 2019
Third-parties with unknown volumes of sensitive data are the Achilles’ Heel of holistic cybersecurity.
The breach and its consequences are minuscule compared to most of the other breaches that have occurred in 2019. However, the nature of the breach and the time it took to detect it are quite alarming. The question is how many more breaches of ECB and its externalized systems have not yet been discovered, and what will the impact be. Third-parties with unknown volumes of sensitive data are the Ac ....
[Read More >>]

If you are an expert on this topic:

Dot Your Expert Comments

SUBSCRIBE to alert when new comments are posted on this news. :




In this article