The world is connected. What happens in one part of the planet directly affects other countries. The organizations that decide the ultimate goals of each country face the current digital age scenario as their main challenge. Currently, many experts advocate for the elimination of protective barriers as the only means of prevention. They want to adopt tools that remotely protect control systems to avoid cyber risks, meaning they are resorting to cybersecurity in Spain.
For these years, the situation in cyberspace is expected to worsen. Know the Key cybersecurity trends and threats.
What is cybersecurity?
Cybersecurity is the protection of assets of information, especially that which is contained in a device or circulates on computer networks and systems.
Cybersecurity works with those reliable systems that are capable of taking action during the process to mitigate potential risks that could jeopardize the security of users and systems. In other words, cybersecurity in Spain refers to information technology security. It also protects the physical systems (nuclear power plants, dams, thermal power plants), Logical systems (payment processing units, digital media, operating systems), end users, servers, storage devices, mobile devices, and many others.
United States spends millions of dollars a year on cybersecurity to protect its systems from future cyberattacks. According to the INCIBE, In Spain, more than 70% of companies are targeted by cyberattacks. We rank third in the number of incidents recorded since 2016.
What are the most common attacks?
First of all, we must differentiate between hacker and cybercriminal. A hacker is not bad; they don't steal information or cause disasters. A hacker exploits vulnerabilities and reports them, while a cybercriminal does the exact opposite.
There are three types of threats: The cyberwarfare, whose aim is to destabilize the political state of countries. The cyberterrorism, establishing a climate of terror among the citizens. The cybercrime, which consists of committing crimes for financial gain.
The attacks range from Ransomware (it is the most effective and sophisticated system), the cybercriminal seizes the computer's data and demands ransom to recover it extortion/threats. It arrives via email or downloads; Trojans, espionage, password theft, social media account hijacking, Gmail, privacy attacks, identity theft, cyberbullying, exploits, computer worms, etc. According to experts, ransomware is the most dangerous. In 2017 alone, it affected more than a billion people worldwide.
That same year, attacks surged worldwide; among other incidents, more than 1.5 terabytes were stolen from HBO featuring content on the latest TV series, including Game of Thrones. Hackers threatened to leak content if they were not paid a sum of money in bitcoin.
How can these attacks be prevented?
There are multiple tools for protection of our data. Among them, the most common are:
–Protecting ourselves with antivirus software. It is important to note that the installation of antivirus software will not be exempt our systems from being threatened. It helps minimize the risk of infection, but will never save us from a threat. The cybercriminal So, they’ll create an exploit, a worm, malware… that bypasses and exploits current security systems; security firms will rush in and release an update—are we really protected?
–Data Protection (FIREWALL). Communications protection is responsible for protecting companies from threats like denial-of-service attacks, unauthorized access, etc. Data protection is essential in any field. Many companies, public administrations, and infrastructures are protected with physical systems.
–Against fraud, there is no single tool. We must use common sense and be wary of unreliable pages, strangers, etc.
–Better safe than sorry. We cannot guarantee security, but we can optimize it, take preventive measures, and implement strategies to reduce our vulnerability, Telefónica It suffered a cyberattack months ago, and they have engineers and sophisticated security measures in place. Keeping company data safe in the cloud or on other devices will ensure we have a lower margin of error.
There are multiple malwares that cannot be stopped. Among others, one of the most talked about currently is the Coldroot. This is malware that affects systems such as macOS and collects information through an audio download file that the user must run. Finally, it connects to a remote server to transmit the information.
Although it's more established on macOS, it's also available for Windows computers. It's likely that the trojan will start spreading soon, and in that case, not even Linux distributors will be safe.
Law enforcement agencies, including the National Police Corps (Policía Nacional) and the Civil Guard (Guardia Civil), are the primary bodies fighting cybercrime in Spain. Additionally, the National Cryptologic Center (Centro Criptológico Nacional - CCN) plays a crucial role in cybersecurity and cyber defense, as does the National Cybersecurity Institute (Instituto Nacional de Ciberseguridad - INCIBE), which focuses on promoting cybersecurity awareness and providing support to citizens and businesses.
–National Cybersecurity Strategy (NCS). Frame of reference for the implementation, coordination, and harmonization of state resources, in public-private collaboration, and in citizen participation. It is comprised of the National Security Council, the Specialized Situation Committee, and the Cybersecurity Committee in Spain.
–National Center for the Protection of Critical Infrastructure (CNPIC). According to the Ministry of the Interior, it protects Spain's vulnerable infrastructures.
–Cybercrime Unit of the Civil Guard (GDT) and Technology Brigade of the National Police (BIT). They belong to the Civil Guard and the National Police. They investigate computer crimes such as cyberterrorism, cyberbullying, etc.
–Spanish Data Protection Agency (AEPD). It is a public body whose function is to guarantee the security of data stored by the Administration and companies.
–National Cybersecurity Institute (INCIBE). It works to strengthen digital trust, increase cybersecurity, and build a reliable digital market. It depends on the Ministry of Economy and Business. It researches, supervises, and coordinates to build a national cybersecurity framework.
–National Cryptologic Center (CCN-CERT). It stops threats against IT systems and Public Administrations.
–Regional CERTs: They detect and resolve security incidents in the regional government's computer systems.
Familiar faces in cybersecurity
There are currently companies that are actively working to ensure the security of our systems. Some of these companies include:
- Fortinet. It is a multinational company originally from the United States. It is engaged in the development and marketing of software, devices, and services for cybersecurity, such as antivirus, firewalls, intrusion prevention, and endpoint security.
- Palo Alto Networks. It is a U.S.-based multinational cybersecurity company headquartered in California. Its main products include Advanced firewalls and cloud-based solutions that use these firewalls to address other security concerns.
- Sophos. It is a British bandsecurity software and hardware. This company develops products for encryption, network security, mobile threats, email security, etc.
A well-known figure in the cybersecurity field in Spain is José María Alonso, known as Chema Alonso. He currently works at Telefónica, but he is one of the hackers with the most prestige in Spain. In 2017, he was awarded the Civil Guard medal with a white distinction. Two years ago, Telefónica suffered an attack called WannaCry with worm capabilities. This involved retaining all information contained on each computer, and to regain access to the files, they would have to pay 300 dollars in bitcoin computer affected, otherwise files would be automatically deleted. It was one of the biggest attacks seen in our country to date.
Are elections in Spain hackable?
In the General Election the political future of the next four years will be decided. It's no wonder that given a Political landscape Thus, countries are subjected to cyberterrorism in an attempt to influence election results. It has already happened in the 2016 elections in the U.S. with the famous “fake news”or the Mass WhatsApp messages in Brazil last year.
The Department of Homeland Security, the Office of the Secretary of State for Communication, and several ministries have joined forces to carry out a unit to combat threats and cyberattacks.
All precautions are few, Eusebio Nieva, director of Checkpoint In Spain, he states that it is very difficult to hack election results, since they are counted manually and the electronic tally is only used to obtain preliminary results. He also states that he does not consider digital voting feasible, since there would need to be widespread adoption of the Electronic ID card and doesn't see the results in the short term.
Although it is unlikely that they will affect the outcome of our elections, it is still advisable to be aware of some methods that can alter public opinion such as: the use of fake news, WhatsApp, social media, and the creation of automated bots that generate viral content and have a significant impact on public opinion, etc.
Just yesterday, a news story about the political situation in Spain was released, The indoor camera that was monitoring Pablo Iglesias's villa was hacked.. It’s no surprise that things like this are happening these days; we need to stay vigilant and not let our guard down.
As we've seen, there are currently many organizations working to ensure cybersecurity in Spain. We'd like to hear your thoughts—please leave us a comment on our Contact section.
Plus, discover How to maintain security at your event in 6 steps, Don't miss it!