A cyberattack of Russian origin leaves the CSIC without internet connection for two weeks | Science
is the headline of the news that the author of WTM News has collected this article. Stay tuned to WTM News to stay up to date with the latest news on this topic. We ask you to follow us on social networks.
The Higher Council for Scientific Research (CSIC) suffered a cyberattack from Russia on July 16 and 17, as reported by the Ministry of Science and Innovation. The attack, which according to the Ministry has not been able to extract data, was detected on July 18, which forced the initiation of the protocol to control and resolve the attack, which is why Internet access has been cut since then of various centers assigned to prevent it from spreading further in the body.
In the absence of the final report of the investigation, explains Science and Innovation, the origin of the cyberattack —of the ransomware— comes from Russia, but they assure “that no loss or kidnapping of sensitive and confidential information has been detected”. This attack is similar to that suffered by other research centers such as the Max Planck Institute or NASA in the US, they explain.
Currently, only just over a quarter of the CSIC centers have recovered their internet connection as a result of the defense protocol for these cases and they hope that in the next few days it will be restored in the rest.
The attack called ransomware It is one of the extortion techniques preferred by cybercriminals in recent years. It consists of getting the victim to be infected with a program that is downloaded to the computer and encrypts the system, to then ask for a reward in exchange for freeing it from kidnapping (ransomware is the contraction of ransom Y software, ransom, and computer program in English, respectively). The attacks by ransomware They have multiplied since the pandemic appeared, according to numerous reports from cybersecurity companies and the National Cybersecurity Institute (Incibe).
Europe has suffered an increase in cyberattacks since the Ukraine war began last February. Fearing Russian assaults, Spain raised its cybersecurity alert to level three, out of a scale of five, in March and special attention was paid to computer attacks from these countries in conflict, according to Defense Minister Margarita Robles. , in the Congress of Deputies.
In addition, a cybersecurity committee was created, led by the National Cryptologic Center (the specific body in the matter that depends on the CNI secret service), under the umbrella of the Crisis Committee activated by the Government at the beginning of the Ukraine crisis. Three months earlier, when the war had not yet started, but the crisis in the area was increasing due to the movement of Russian troops, a report from this center warned of the risk of cyberattacks “of high persistence and technological sophistication”.
Offline in labs
The problem of the CSIC had been denounced for days by some workers of organizations dependent on the CSIC through Twitter and even in a letter to the director of EL PAÍS. In it, Pablo Chacón Montes, from the Rocasolano Institute of Physical Chemistry (IQFR-CSIC), denounced that the Spanish cybersecurity authorities, CNN and COCS, decided to disconnect the Network after a “minor and localized” attack and, as a consequence, they were inoperative. Juan Antonio Añel Cabanelas, a worker at the EPhysLab associated with the CSIC, described through their social networks of “incompetence to the maximum degree” the situation and explained that he has been using the mobile data of his device for two weeks to be able to work and that the phones do not work either.
Other Spanish public institutions have been victims of various attacks in recent times, such as the Renfe Cercanías website or the Congress of Deputies. In March 2021, the State Public Employment Service (SEPE) suffered an attack that paralyzed the processing of new benefits from the Ministry of Labor, from public unemployment insurance to ERTES, among others. In addition, it forced a return to the old forms that were filled out by hand to allow work to continue. According to the first evidence of the attack, everything indicated that it was the same type of attack that the CSIC has now suffered, ransomware. Almost a year later, the official Instagram account of the Spanish Defense General Staff was attacked, although it has no connection to the internal networks of the Ministry of Defense and the Armed Forces, and the wall was filled with selfies of a young woman
Not only public entities have been harmed, but also private entities and even humanitarian aid NGOs. 39% of companies have reported weekly digital breaches in their systems, as confirmed by the UK Digital Department in April this year. One of those companies that have suffered this intrusion is Iberdrola. In mid-March, the Basque company suffered an attack that compromised the personal data of 1.3 million customers, including name, surname, ID, address, telephone number and email address. However, the cybercriminals were unable to access financial data, such as checking account or credit card numbers.
You can follow MATTER in Facebook, Twitter and Instagramor sign up here to receive our weekly newsletter.