Most serious cyberattacks against Spain come from foreign governments

The National Cryptology Center has dealt with over 19,000 security incidents so far this year

Up to 90% of the most serious cyber-attacks against Spanish government agencies or strategic companies are launched by foreign governments, according to the National Cryptology Center (CCN), a branch of the Spanish intelligence services. So far this year, the CCN has dealt with more than 19,000 cyber-security incidents, a 5% rise from 2015. Of these, 3% were considered highly dangerous or critical.

The National Cryptology Center in Madrid.
The National Cryptology Center in Madrid.

Cyber-espionage continues to pose the greatest threat, according to a CCN report entitled Cyber-threats 2015 / Trends 2016. This threat is “particularly aimed at information systems of industrial corporations, defense businesses, high-tech firms, the auto industry, transportation, research institutes and government agencies.”

The report goes on to say that “on significant occasions, these actions were carried out by foreign intelligence services or defense departments,” although “in the case of industrial cyber-espionage, it is private organizations who do the attacking.”

The Foreign and Defense ministries are particularly susceptible to cyberattacks

The Foreign and Defense ministries are particularly susceptible to cyber-attacks, notes the study.

CCN deputy director general Luis Jiménez and his chief of cyber-security Javier Candau declined to name the specific foreign governments behind the attacks, alleging that it is very difficult to obtain evidence that would be upheld in court.

“We settle for detecting [the attacks] and cleaning” the systems of intruders, he said.

But the CCN officials added that geographically, many of the attacks originate in China, Russia, Eastern Europe and the United States.

Rise of cyber-jihadism

Experts note that cyber-jihadism is a serious emerging threat.

“For now, their attacks have been limited to defacing websites, small-scale denial of service (DDoS) attacks, or more commonly, the use of internet and social media to disseminate propaganda, find recruits and radicalize followers, which does not require in-depth knowledge or infrastructure,” reads the report.

“But the capacities of cyber-jihadism are just now revealing themselves, and it is to be expected that more numerous, more sophisticated and more destructive attacks will take place in the coming years as long as the current situation around Daesh persists.”

Phishing is a major source of cybercrime in Spain.
Phishing is a major source of cybercrime in Spain.Reuters

Jiménez and Candau gave a press conference to introduce a cyber-security symposium scheduled for December 13 and 14 in Madrid, where more than 1,400 experts will gather to observe the CCN’s 10th anniversary.

Over this past decade, the center has dealt with around 66,000 cyber-incidents, drafted over 80,000 intruder detection rules and conducted 135 security audits. On an average day it handles 2.5 million security events and 1.5 very serious or critical incidents.

Despite these figures, the threat level in Spain is similar to other European countries, said CCN officials.

On the other hand, losses derived from phishing were estimated at €60 million in 2015, putting Spain in the second spot after the United Kingdom.

English version by Susana Urra.


More information

Recomendaciones EL PAÍS
Recomendaciones EL PAÍS