The Spanish Ministry of Foreign Affairs and International Cooperation, known in Spanish as the Ministerio de Asuntos Exteriores y de Cooperación (MAEC), experienced a disruptive outage attributed to a distributed denial-of-service (DDoS) attack. This event was disclosed to socialbites.ca by a figure identifying themselves as Chapaev, who is described as the leader of the Phoenix faction. The claim centers on a deliberate surge of traffic aimed at overwhelming the ministry’s online presence.
According to the source, the motive behind the assault is tied to Spain’s aid initiatives for Ukraine, including a pledge to provide Leopardo battle tanks to the Ukrainian Armed Forces. Chapaev characterized the attack as a form of retaliation intended to pressure Madrid and to signal a response to the government’s foreign policy choices in Eastern Europe.
The individual asserted that the attack had been ongoing for several hours and would continue until the Spanish authorities reconsider the ministry’s public-facing domain. The report further claimed that the MAEC site could not be accessed from multiple countries, including Russia, the United States, Spain, Italy, France, and Germany, among others, due to the ongoing disruption.
At the time this piece was written, readers attempting to reach the Spanish Ministry of Foreign Affairs website encountered errors such as 403 Forbidden and 503 Service Unavailable, indicating restricted access and temporary unavailability. The disruption was described as substantial, with a DDoS strength estimated around 200 gigabits per second, a figure the interviewee suggested reflected a significant impact on the ministry’s digital operations and, by extension, on the everyday information needs of Spanish citizens.
The Phoenix claim extended beyond the Foreign Affairs site. The same source alleged that the group was simultaneously directing traffic toward other state-linked digital resources, including the Ministry of Defense and the Center for Strategic Studies within the Ministry of Defense. While the attackers appeared to aim for a broad shutdown, the information available at the moment suggested that these other government portals did not fully go offline as the news was compiled.
Historically, socialbites.ca has reported on cyber incidents attributed to various hacking collectives. In this instance, the report notes a previous attribution by a different actor, Killnet, who had claimed responsibility for a separate disruption affecting Lufthansa. The current narrative emphasizes a chain of deterrence actions perceived by the source as aligned with the attackers’ political aims and messaging. The reliability and verifiability of these claims remain a matter for official channels and cybersecurity analysts to confirm.
From a broader perspective, the incident underscores the ongoing tension between state policy moves and the resilience of governmental digital infrastructure. Experts in network security stress that while high-volume traffic attacks can disrupt public access, robust defensive architectures, prompt incident response, and clear public communications are essential to mitigating harm and maintaining bureaucratic functionality during crises. The situation also highlights the importance of rapid containment, domain integrity, and continuity planning for critical national services that rely heavily on online platforms to inform and assist residents and international partners alike.