The most dangerous cyberattacks on public networks almost doubled in Spain in the last year

A moment of the conference that the National Cryptological Center (CCN) celebrates in Pozuelo de Alarcón (Madrid). EL PAIS

The National Cryptological Center (CCN) managed 118 critical cyber incidents last year, which is almost double the number in 2020, according to the latest report on cyber threats and trends from this center, which is in charge of the security of the Administration's computer systems. .

The CCN, dependent on the National Intelligence Center (CNI), classifies as critical cyber-incidents those of maximum danger;

that is, those that may affect national security or strategic infrastructures, interrupt the supply of essential services for more than 24 hours or have a cost greater than 0.1% of GDP.

Until Thursday, the secret service and the Joint Command of Cyberdefense, framed in the Armed Forces, celebrate in the City of the Image (Pozuelo de Alarcón, Madrid) a conference on cybersecurity in which some 10,000 people participate (3,600 in person ) from 25 countries, 108 public and private entities and 120 sponsoring companies, in what constitutes the largest event of its kind in Spain.

The objective of the sessions is the construction of a "single cyber shield for Spain", through the constitution of a National Network of Cybersecurity Operational Centers and a National Platform for the Notification and Monitoring of Cyberincidents that will improve coordination and capacity detection and response to a growing threat, according to the deputy director of the CCN, Luis Jiménez.

Among those responsible for cyber espionage attacks, Spanish secret service analysts identify several APTs (Advanced Persistent Threats) linked to foreign States, such as Iran (APT42), China (APT15), North Korea (Lazarus/Hidden Cobra) or Russia. (Turla/Snake).

The first of them, until then dedicated to Iranian exile and opposition, happened in 2020, coinciding with the pandemic, to target the pharmaceutical industry, which would demonstrate, in the opinion of experts, that it adapts to Tehran's political priorities;

while the second has focused on Spain in the government sector;

and the third has used false job offers, through the Linkedin network, to obtain the passwords of executives in the space and military industries.

The CCN technicians are more concerned about the detection,

to capture internal traffic, making it nearly impossible to detect.

The CCN notes an increasing use of the Telegram social network by

and cybercriminals.

“The turning point was the assault on the Capitol on January 6, 2021, since, in the following days, 25 million users registered on said platform due to the reactions of Twitter and Facebook, which eliminated the accounts of those they considered responsible for having incited violence, disseminated disinformation or promoted extremist ideologies”, he explains.

The report also notes increased use of Telegram by cybercriminals, "due to the more lax approach to content moderation", but does not include the turn of Twitter after its recent purchase by billionaire Elon Musk, founder of Tesla and Space X , as well as close to former President Donald Trump.

At the inauguration of the conference, the Defense Minister, Margarita Robles, stressed that "the war in Ukraine has highlighted that mastery of cyberspace is essential" and has assured that the Government is aware that it is necessary to "be every improving, innovating and taking steps forward in cybersecurity”.

The latest CCN report already includes the first attacks linked to the war in Ukraine, such as those suffered by the teams of the Ministry of Defense and the government and financial systems of Kiev just 24 hours before the invasion, some of a disruptive nature but others directly destructive, by infecting them with Wiper

, designed to delete files.

Also Belarus, Moscow's main ally, has suffered attacks by hacktivists.

Subscribe to continue reading

Read without limits

Keep reading

I'm already a subscriber