According to an official located on the 14th floor of the Ministry of Economic Affairs and Digital Transformation who spoke with ABC, their computer network had suffered a cyberattack. However, the official account of the institutional body On twitter has denied the news: “No department of the Ministry has received the mentioned attack nor has an investigation been opened by the Police. All cybersecurity systems are active.”

Francisco Valencia, general director of Secure&IT, points out to 20BITS that the press possibly mixed “the attack on the Neutral Point of the General Council of the Judiciary [confirmado en la web de Poder Judicial España] with the attack on the website of the Ministry of Economic Affairs”. In addition, it clarifies that “it is rare that access is obtained from the Neutral Point to attack the website of the ministry” because it is usually hosted “in places that have nothing to do with the servers where the information is located.

- Advertisement -

From Secure&IT they believe that it is probable that simultaneous attacks have been launched and that the aforementioned ministry has suffered an incident. For his part, Juan Francisco Moreda, head of Fibratel’s Cybersecurity Unit, explains for this article that What usually happens in these cases is that public administrations carry out investigations and that, in this case, “they have led the ministry to deny this specific cyberattack”, although it is possible that the investigations will continue.

Marco Gómez, from Academic Affairs and Career Support at 4Greeks, acknowledges for 20BITS that he cannot establish who is telling the truth, but says that it is not uncommon for an institution to be the victim of an attack. “It is enough for someone to open an incorrect email with an account on the internal network and run a virus that spreads to other computers,” explains the expert.

The attack on the General Council of the Judiciary

Although the Ministry of Economic Affairs and Digital Transformation has denied that it has suffered a cyber attack on its computer network, that does not mean that there has not been access to a government site. As mentioned above, the website of the Spanish Judiciary has confirmed that its General Council was affected in the second half of October, specifically in the Judicial Neutral Point, the telecommunications network that connects judicial bodies with other state institutions.

The official version states that the attackers did not access “data relating to legal proceedings or other information held by the Courts and Tribunals.” About this, La Vanguardia reports there has been access to the ‘Analysis’ department from the SARA network, which is in charge of preparing economic forecasts Y employment data, sector production, debt and confidential information of large companies are studied. Although this would not admit that the network of the Ministry of Economic Affairs has been violated, it could justify the information given by some media.

The most common cybercrimes against public administrations

Valencia details for 20BITS that there are two computer attacks that could be considered the most common when the victim is a state institution. “One that has to do with denial of service [ransomware], which prevents the Administration from doing its job,” he says. The second is from Information theft. Attackers are looking for information and money.”

However, the Secure&IT expert assures that it is not necessary to be closed to attacks that have money as their objective, since there are other factors at play, such as “the cyberwar, political motivations, party destabilization that is in charge of an Administration or data access“.

The person in charge of cybersecurity at Fibratel agrees that the economic benefit in attacks on public administrations is not the only incentive and that they also seek to harm the reputation of the administration. In his case, he stands out malware and phishing as the most used tactics.

Gómez underlines the existence of cyberattacks directed by other States, which seek to sabotage or violate the systems, or those of the so-called ‘hacktivists’, such as Anonymous.

How does misinformation about attacks affect administrations?

“Public administrations handle very sensitive data of a large part of the population, as well as state security,” Moreda recalls. “Creating a hoax about a possible cyberattack means damage to the reputation of this entity and, therefore, to the state in general. This can even translate into a negative impact on the country’s economy.”

Information about an attack on an administration is always very popular. Valencia admits that, when it happens in Spain, it is especially vulnerable: “Not only because it is a very unstable geopolitical administrationbut because there is also a very clear fight between the administration of the central government, the administration of the autonomies and the town halls, and between different autonomous communities,” says Valencia.

In addition to the political situation, the Secure&IT expert stresses that “The Administration has never had a sufficient budget to protect itself in terms of cybersecurity.” “And, even if they had that budget, they don’t have the necessary means, knowledge or culture of cybersecurity,” he mentions.

There are attacks on state institutions that are particularly notorious, as Valencia recalls, such as the one from SEPE which occurred in March 2021, the attack to the Ministry of Laborthe attack to Catalan health who exposed the patient data and now the attack to the Judicial Neutral Point.

“Hoaxes are dangerous and in security issues they are even more so,” says Gómez. “Cybersecurity hoaxes affect confidence, generate nervousness and can generate chaos and unexpected reactions in the population.” “Imagine that it is said that the Treasury database has been hijacked, could generate large movements of money and destabilize the economy“, exemplified.

This is how public administrations are protected

Moreda alludes to the amount of sensitive data that public administrations handle of the population and the security of the State. As the Fibratel professional explains, it is important that they have preventive measures, such as employee awareness:

“The human team must be made aware of the importance of not clicking on suspicious links or opening documents of which the sender is unknown. It is true that we must continue working on awareness, but this is happening more and more frequently” .

According to Valencia, the Administrations do not take sufficient measures to protect their websites and services. “They are not applying the security measures that should be done,” he says. There is a level of civil service concerned about security and that they are willing to implement sufficient measures, but are faced with hiring brakes, limited budgets and some negligence in the management of the administration itself”.

Contrary to Valencia, Gómez, from Geeks4, believes that “organizations of great importance, public or private, have considerable awareness of the importance of cybersecurity.” He mentions that it ‘fails’ more on a regional or local scale.