In the past, Spain has not been as impacted by cyber security threats as some other nations, even in the EU. That said, the threat is rising and recent events (i.e. the global pandemic) have made the situation worse.
In the wake of attacks such as on SEPE, MITES and Cadena SER, let's look at what's happening in Spain regarding its cyber trends, and find out if the nation is ready for cyber security in 2022.
In the year of 2021, cyber attacks grew more frequent - and experts attribute part of this to the increase in Spanish workers staying at home due to the pandemic.
According to the VMware Spain Security Insights Report 2021, 75% of Spanish cybersecurity professionals say the volume of attacks increased last year, and 83% believe they grew more sophisticated. Just over 61% attribute this to the fact that people were working remotely.
COVID-19 also remains the most prominent lure for email scammers, for both cyber criminals and state-backed APTs. ENISA found that the fear and confusion surrounding the global pandemic has made it easier for attackers to exploit people online, for example by impersonating government bodies (like the WHO), offering fraudulent financial assistance, and tailoring attacks against people using personal devices for work.
ENISA listed ransomware as 2021's prime threat, and this type of attack struck some seriously major Spanish companies - such as MasMovil in June. Indeed the Kaspersky Security Bulletin 2020-21, found nearly 57,000 unique European users were struck by malware during that reporting period, of which over 12,300 were from major organizations.
That said, Spain fared better than many of its EU counterparts in recent years, found Crowdstrike. In 2020, 40% of Spanish companies suffered one or more ransomware attacks, putting it below France (60%), Germany (59%) and Italy (56%).
Just like technology has evolved, so too have the business models of hacker groups. In the past two years, we've seen a sharp rise in the number of groups offering an almost traditional SaaS business model, but for malware - ransomware being the most popular at the moment.
With a ransomware-as-a-service business model, almost anybody can purchase malware from its developers and receive the use of its payment and distribution infrastructures, instructions on how to deploy the malware, and even back-office services. Some RaaS groups have been noted to offer customer service support for victims, to help them pay.
19.5% of Spanish companies who suffered a cyber breach in 2021 suffered a negative financial impact - although this is lower than the world average (VMware).
○ Outdated security technology
○ Weak processes
○ Third-party applications
○ Access through smaller organizations ("island hopping")
○ Operating system vulnerability
Phishing, social engineering, credential harvesting - these common attack vectors, and many like them, specifically target people. People are, unfortunately, one of your biggest security vulnerabilities. But, there are a few things you can do to help improve this problem and raising awareness is a good start.
You must try to lift the level of cyber knowledge throughout your company, for all levels of staff. From basics like knowing how to write good passwords to more complex topics like spotting spoofed websites and understanding what social engineering looks like, any improvement in this area could have a drastic improvement on the business as a whole.
Host regular workshops, engage people with quizzes and prizes, and make cyber security a part of day to day life - shout out people doing things well, and send regular small tips to keep it front of mind.
Ransomware locks a system and prevents its users from accessing key files. It's this locking that does the damage, because it can essentially grind a business to a halt - putting its bottom line, and its customers, at risk.
This is why one of the most common ways to defend against ransomware is to back up your system on a regular basis. In the event of an attack, if your team has a backed-up version of the system and they've tested it to know that it works, then it can simply be restored in order for the business to regain access (essentially circumventing the attack).
Just remember to keep your backup offsite and offline. It cannot be connected to your main network because then it would be too easy for malware to spread into the backup - making it useless.
As we've seen in a few recent major case studies, hackers don't need to attack a business to get into their system. They can attack just one third-party vendor and gain a foothold into all of that company's customers at once.
Your organization is only as secure as its partners. So, it's of vital importance that when you are reviewing a new vendor or partner that you involve your cyber security personnel from the very beginning.
Let them help you research the company and negotiate items for the contract. They can spot red flags, and put in place the necessary strategies to keep your company safe from this vendor in the event that it's compromised.
Learn more: "Are you reviewing third parties for security risks?"
Defending against the world's evolving cyber security threats is complex at the best of times, but you don't need to do it all yourself.
We have experts standing by who can help guide you on improving your company's security maturity, from writing policies to implementing new services and raising cyber awareness.
Contact us today for a free maturity consultation and let's talk about your unique needs