A leading Spanish research institute has become the latest organization in the country to come under cyber-attack from Russia, after a weeks-long DDoS campaign that appears to be geopolitically motivated.
Local reports claimed that prolific hacktivist group NoName057 is responsible for the DDoS blitz, which impacted at least 72 websites between July 19 and 30.
Banks, telecoms providers, media and tourism companies are thought to have been affected by the attacks, which followed a trip by Prime Minister Pedro Sanchez to Kyiv in which he expressed his government’s support for Ukraine.
Victim websites included La Moncloa, the official residence of the PM, the Constitutional Court, the ministries of justice and territorial policy, and Ministry of Defence agency Isdefe.
NoName057 has been linked to previous attacks on organizations in Ukraine allies Poland and Lithuania as well as presidential candidates competing in the Czech Republic.
Although DDoS attacks are relatively benign, they can have a significant economic impact on organizations dependent on their websites to drive sales. They remain a favorite tactic of hacktivists as readily available tools make launching attacks relatively cheap and easy.
Separately, the Spanish National Research Council was hit by a ransomware attack on July 16–17, according to Associated Press.
It’s claimed that no sensitive data was exfiltrated as part of the attacks, which have been attributed to the same actor that compromised NASA and Germany’s Max Planck Institute.
Last November, the FBI warned critical infrastructure (CNI) providers that they are in the crosshairs of Russian hacktivists.
The bureau urged all American CNI firms to use DDoS mitigation services, collaborate more closely with ISPs to manage traffic during incidents and to create a disaster recovery plan.