Last December, the Computer Emergency Response Team of the Spanish Cryptologic Centre, CCN-CERT, per its Spanish initials, a part of the National Intelligence Centre, published the Cyber Threats and Trends Report, which linked the increase in teleworking, remote training and the use of technology for socialising or accessing entertainment to the increased risks and cyber-attacks.
Thus, this CCN report highlights that 2020 will go down in history not only because of the global health crisis, but also because of a forced digitalisation carried out in record time (as a necessary response to the transportation issues derived from the pandemic) and the cybersecurity problems in Spain. It further stated that one of the most frequent attacks that companies, remote access systems and other organisations have suffered are ransomware attacks, perhaps because of the profitability it still offers criminals.
These cybersecurity incidents in Spain can be expected to grow along with the increase in connectivity spurred by the transition to the 5G world. In this regard, the cryptology centre specifically highlights the wide range of tools that use the Internet of Things (IoT) technology and the attractiveness of Big Data, not only for information thieves, but also for the creators of fake news or hoaxes.
Less prepared and more vulnerable
In February, the antivirus protection specialist ESET published a cybersecurity report based on data from the last four months of 2021. In it, he ranks Spain as the country that has suffered the most remote desktop attacks in the world, with a figure of over 51 billion. Italy, the second country in the ranking, barely even reaches half of those cases.
On this occasion, the ESET report introduces a comparative study with respect to other countries around us and the fact that we are the most vulnerable, coming in first with a huge advantage over the second, only shows that we have not done our homework in matters of IT security.
When analysing the cybersecurity phenomenon in Spain, we must not forget the logical and tremendous increase in the use of connected devices and how, on many occasions, insecure and highly vulnerable passwords are set. As a whole, this scenario implies that the doors are wide open to cybercriminals because we are not adequately prepared.
Cybersecurity in Spain, a problem for companies
The Next Generation funds released by the European Union for the digitalisation and the development of companies’ cybersecurity plans are coping with the shortcomings detected and are targeting the right goal. However, we must not forget that cybercriminals are forging ahead in their illicit activities, making it necessary to invest continuously in order to fight their threats and to promote intense and constant training, so as to stay ahead of these risks and the attackers’ knowledge.
Regarding cybersecurity investment in Spain, ESET draws attention to it in its report. The return of the Emotet botnet in November 2021, responsible for spamming emails with malicious links, stressed how little importance thousands of companies around the world had given to something as simple as keeping their computers and software up to date.
Emotet is a botnet, i.e. a network of computers that have been infected and which criminals can control remotely through malicious software. This botnet has been considered one of the most dangerous Trojans, and although it was neutralised in 2021, it has become active again. The resurgence of this Trojan has, in many cases, exploited a vulnerability that has been patched for years.
The Internet of Things in the cross-hairs
While many of the attacks target businesses and their supply chains in particular, current trends suggest that criminals are now targeting IoT systems. There is no doubt that new technologies are not only here to stay, but that they expedite all kinds of tasks, improve operational processes and reduce costs. However, they are yet another gateway to cyber risks.
From the smallest and most innocent device, such as a baby monitoring camera, to a logistics management system or remote health services. All of them can be used to cause damage through data breaches or physical damage, Microsoft Azure points out. In this sense, INCIBE, the Spanish Institute of Cybersecurity, points out that connectivity is its main feature, but it is also its weak spot. These devices sometimes come with poor security settings by default, weak passwords or even no passwords at all. Moreover, updates are rare and a significant portion of users are not familiar with the dangers.
There is therefore a need for strategies against cyber-threats, including more didactic communication with the user and training at all levels, both in the work and personal environments. Consumers need to understand the importance of their security, how they can be affected by third-party attacks and the responsibility they have as users.
SMEs, a strategic sector
Small and medium-sized enterprises are a strategic sector, but they are also the ones that show the most signs of weakness in cybersecurity matters within Spain.
According to data from Telefónica Cyber Security Tech, 60% of SMEs that suffer a cyber-attack disappear less than 6 months after the incident, and each attack has an average cost of 35,000 euros. Phishing, ransomware, spamming, malware distribution or remote desktop attacks are some of the most frequent risks.
In the case of these companies, one of the most efficient policies they can implement is hiring industry-standard, expert cybersecurity providers. They focus their work on preventing, detecting and responding to threats in order to reduce attacks, protect your digital services and ensure your business stays focused.
However, investing in securing the business will not do any good if companies do not adopt healthy routines for their equipment, such as frequent operating system updates, installation of security patches as soon as they become available and staff training. Simple routines that help prevent disasters.