OpSpain New Phase To Commence 1st March 2018
Target: Spanish Organizations
Attack Vector: DDoS/Defacement/Hack & Data Leak
Summary: Following the arrest of the hacktivist Xelijomuo by Spanish authorities in relation to #OpCatalunya linked activity, a number of @Anonymous affiliated actors and groups have announced their intention to retaliate against a number of Spanish linked organizations commencing 1st March 2018.
Risk assessment summary: It is currently assessed that #OpSpain and affiliated operations present a 3b MODERATE threat to Spanish linked entities. Although hacktivists have released a target list, this is likely to expand as the operations develop and it should be anticipated that this threat will extend into the medium term.
Although @Anonymous have announced 1st March 2018 as the start date, it appears that activity has already commenced against Spanish targets and it should be assumed that #OpSpain is now in an active phase. The operation also comes as Hacktivist activity has been increasing and the currently active hacktivists appear capable and credible. Although social media activity is relatively muted at present, the arrest of one of their own is almost certain to act as a driver for the wider @Anonymous collective to become involved.
It is likely that attacks will be a mixture of DDoS, website defacement, hacks and data leaks. It is recommended that stakeholders increase awareness, ensure all DDoS mitigation measures are in place, all patches and updates have been carried out and system users remain vigilant for phishing attempts. Additionally, customer-facing websites should be closely monitored for signs of defacement. Monitoring of the threat environment will continue in order to identify further actionable intelligence.