Cyber Incident Victim: Central Bank of Bosnia and Herzegovina
Date:
May 2016
Location:
Bosnia and Herzegovina
Summary
The Central Bank of Bosnia and Herzegovina suffered a DDoS attack as part of a coordinated campaign by hacktivist groups Anonymous and Ghost Squad targeting multiple international financial institutions. The attack temporarily disrupted the bank's online services alongside several other central banks globally, though services were restored shortly afterward. This operation, dubbed Op Icarus, aimed to protest financial corruption highlighted by the Panama Papers leaks, with the groups threatening further attacks against over 160 banking entities worldwide.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
On or around May 6, 2016, the Central Bank of Bosnia and Herzegovina experienced a distributed denial-of-service (DDoS) attack that temporarily disrupted access to its official website. This incident occurred as part of a coordinated campaign called Operation Icarus, orchestrated by the hacktivist collective Anonymous in collaboration with Ghost Squad Hackers. The attackers simultaneously targeted eight international financial institutions, including the Central Bank of the Dominican Republic, Guernsey Financial Services Commission, Central Bank of Maldives, and Dutch Central Bank on May 6, followed by the National Bank of Panama and Central Bank of Kenya on May 7. The Central Bank of Mexico was also compromised alongside the Bosnian institution. Anonymous had publicly announced these attacks through a video released on May 4, declaring their intent to execute "one of the most massive attacks ever seen in the history of Anonymous" against the global banking sector.
The DDoS attacks succeeded in temporarily taking the Central Bank of Bosnia and Herzegovina's website offline, though all affected banking websites reportedly resumed normal operations shortly afterward. Anonymous explicitly linked their targeting of the National Bank of Panama to the Panama Papers leaks, stating it was selected due to the perceived corruption exposed in those documents. The group published an extensive list of 160 potential targets for their month-long campaign, including prominent institutions such as the US Federal Reserve, IMF, World Bank, and Bank of England. This incident occurred amid heightened cybersecurity concerns for financial institutions following high-profile breaches like the Bangladesh Bank cyber heist and the Qatar National Bank data leak. The attacks demonstrated hacktivists' capability to disrupt critical financial infrastructure, though no data breaches or financial thefts were reported in connection with this specific DDoS campaign against the Central Bank of Bosnia and Herzegovina.