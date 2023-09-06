Response message from a search engine to the attempt to access the website of the Seville City Council.

The Seville City Council has returned to paper annotations and face-to-face procedures after suffering the hijacking of its computer systems by a group of cybercriminals, as confirmed by the Consistory. The hackers They have claimed more than one million euros from the municipal government, although the latter has not yet specified the exact amount and has assured that “in no case will it negotiate with cybercriminals.” It is the second successful attack on the municipal website in three years.

All services have been affected. Among the most important for citizen efforts are those for requesting a prior appointment and paying taxes (the second term for the second term of the Real Estate Tax has just begun), for which the officials have requested that they be carried out in person at authorized bank branches. Emergency devices, such as the Local Police and Fire Department, have also been forced to make notes on paper to record and order the actions.

The Digital Transformation delegate, Juan Bueno, explained that “the technical managers of the City Council and specialized external personnel are working continuously and jointly to determine the origin and scope of the attack and to be able to establish normalcy as soon as possible.”

In this sense, the National Cryptological Center (CCN-CERT) and the National Police Corps have begun to investigate the kidnapping, while the City Council, as a preventive measure, has interrupted all services “until the specific scope of the cyberattack is known.”

“Criminal activities have increased in the first half of the year, with an 8% increase in cyberattacks worldwide, which is the highest volume in two years. Known threats such as ransomware [secuestro y petición de rescate] and the hacktivism [ataques con fines ideológicos] they have evolved further, with threat groups modifying their methods and tools to infect and affect organizations around the world. Even legacy technology like USB storage devices, which have long been gathering dust in desk drawers, have gained popularity as messengers of malware”, explains Eusebio Nieva, technical director of Check Point Software for Spain and Portugal.

The groups dedicated to extortion (ransomware), according to the last report of this company security, they have intensified their tools to exploit vulnerabilities in commonly used corporate programs and have changed their strategy, going from data encryption to prevent access to them to direct theft of information to demand a ransom for its recovery.

Artificial intelligence has also emerged as a tool, either to create fake emails that include links that give criminals access to systems (phishing) to create malicious programs capable of identifying even keystrokes.

In the first half of this year, 48 computer extortion groups have been identified that have attacked more than 2,200 entities. Lockbit3 has been the most active, with a 20% increase in those affected compared to the first half of 2022.

New groups such as Royal and Play have also appeared, according to Check Point. An increase in threats originating in Russia has also been detected since the war in Ukraine.

The number of threats is one of the highest on record Jakub Kroustek, Director of Malware Research at Avast

The data of this company coincides with that of Avast, another computer security company that warns in his last report: “The risk of attacks is the highest seen in three years.” Spain is one of the most threatened countries along with Vietnam, Argentina, France, Brazil, Mexico, the Czech Republic and the United Kingdom.

“Not only is the number of threats one of the highest on record, but criminals are turning to psychological manipulation more often than traditional hacking techniques. malware [programación maliciosa]. This results in the need for our security to adapt to this new format, although it also requires people to better understand scams and educate themselves as an additional form of defense,” says Jakub Kroustek, Director of Research at Avast Malware

At the end of last August, the FBI officially announced the takedown of the international cyberattack organization Qakbot (also known as Qbot), which has affected more than 700,000 computers worldwide, including financial, government, and healthcare institutions.

Two years ago, the City Council suffered another kidnapping, this time through what is known as CEO fraud, through which hackers impersonated the identity of the company that was awarded the Christmas lights contract and managed to divert the million euros of money to their accounts. the concession.

The criminals managed to monitor the digital correspondence through a virus, intercepted the emails from the company supplying the Christmas lights, altered their content and sent them to the municipal Treasury asking them to change the account number, reports Eva Saiz. When the Bank of Spain detected a payment from the Administration to an unusual account, it alerted the Seville City Council.

