European Central Bank closes one of its websites after hack

The European Central Bank (ECB) yesterday closed one of its websites after it was hacked and infected with rogue software. No market-sensitive data was stolen during the attack.

The hack was aimed at the ECB’s Integrated Reporting Dictionary (BIRD), reports Reuters. The ECB uses this to provide bankers with information on how to produce statistical and supervisory reports.

BIRD was established in 2015 and was a joint initiative of the Eurosystem of central banks in the Eurozone and the banking industry. Organisations can participate voluntarily, although the content has been made available to anyone who is interested.

BIRD was hosted by a third party, according to the ECB. It was therefore not connected to other ECB systems. However, the hackers were able to add malware to the server hosting the website. This means that the e-mail addresses, names and titles of subscribers to the BIRD newsletter may have been stolen.

Not noticed for months

Moreover, the attack has not been noticed for months. According to a spokesman for the ECB, initial evidence shows that the attack was carried out as early as December 2018. The hack was discovered during maintenance work.

The ECB contacts people whose data may have been affected, according to the European Central Bank. The hackers were successful in injecting malware onto the remote server to help with phishing activities.

However, the ECB stresses that internal organisational systems or market-sensitive data were not affected by the hack.

Previous hacks

Hackers have focused more often on central banks in recent years. In 2016, for example, the largest digital theft ever occurred. Fraudsters then stole no less than 81 million dollars from the account of the central bank of Bangladesh with the New York Fed. They did this by placing fraudulent orders on the SWIFT payment system.

The central banks of Malaysia and Ecuador, for example, have also been attacked by hackers in the past.