More cyberattacks, but less severe: these are the most exposed places

BarcelonaThere are more cyberattacks, but they are now less serious. This is the assessment made for 2024 by the Catalan Cybersecurity Agency, the body that protects the computer systems of the Generalitat (Generalitat). Last year, this entity had to manage a total of 3,372 attacks that had some type of impact on the network. Most were minor, such as credential leaks (phishing) or unauthorized access to email. These technological intrusions that put the security of Catalonia's technological system at risk have increased by 26% compared to 2023, when 2,665 were recorded.

"We will receive millions and millions of dollars in cyberattacks, as many as 6.9 billion in 2024, 38% more than in 2023. But a cyberincident is what a cyberattack effectively achieves," summarizes Laura Caball, director of the Catalan Cybersecurity Agency. That is to say, it has consequences for users. Despite this upward trend, Caballero points out that incidents classified as "very serious" have decreased by up to 30%. "The protection, detection, prevention, and awareness measures are effective," adds the agency's director.

Caballero attributes much of the success to the introduction of improvements in early detection of cyberattacks in the Generalitat's Data Processing Centers (CPD) and a new system for blocking malicious emails in the inboxes of government employees. Furthermore, the Agency has incorporated universities and the Consortium of University Services of Catalonia (CSUC) under its umbrella, a network that currently includes 312 entities, including hospitals and city councils.

Following the cyberattack perpetrated by the RansomHouse group that collapsed the Hospital Clínic in 2023 and leaked 4.5 terabytes of information To ensure the safety of patients, staff, and the operation of the center, the Agency has conducted 60 simulations in public hospitals in Catalonia. It has also carried out five communication campaigns aimed at the public to raise awareness about cyber scams, which have been on the rise in recent years.

The director of the agency, however, warns that cyber scam techniques are becoming increasingly sophisticated. Artificial intelligence is the new helper of cybercriminals, and although there are regulations that prevent tools like ChatGPT from providing information for malicious activities, it's easy to trick them into obtaining the desired information. In fact, according to the public agency, cybersecurity incidents related to the use of AI have increased by 370% worldwide since 2022. Through this tool, malware can be obtained without being a programmer.

Universities and healthcare centers

The most common type of cyber incident is credential leaks, which are when cybercriminals use techniques such as fake emails, SMS, or messages to trick people into giving away their passwords and usernames. Some pretend to be banks or the Treasury to ask users for banking credentials in order to gain direct profit. Last year, there were 2,257 cases. Other notable incidents include illegitimate access to personal or corporate accounts (724), identity theft in fraudulent emails (117), and the distribution and execution of malicious software (102).

Another source of information leakage is when malicious programs are installed on devices to hijack computer files and demand a ransom (ransom, in English) to release them. Once they have the credentials, cybercriminals try to break into the accounts to steal information. According to Caballero, this type of attack accounts for 67% of cyberincidents, with 2,257 cases.

Universities are the most attacked area, with 1,790 incidents. In these spaces, there are students who use their personal devices and who lack adequate protection measures. By using university Wi-Fi, which is under the protection of the Agency, the Generalitat can identify attacks when students use the network on their personal devices. The other most affected areas are Health, with 676 cyberincidents, and other departments of the Generalitat (643).

When should you be most vigilant to avoid cyberattacks? According to Caballero, it's especially important during specific shopping seasons, such as Christmas, Black Friday, or in the summer, when people book travel and hotels. "There's a clear correlation, as they time their attacks to coincide with these periods because they seem more credible," she asserts. The director of the Catalan Cybersecurity Agency insists that if you are a victim of cyber fraud, the main recommendation is to report it to the Mossos d'Esquadra (Catalan Police), since "having information is the only way to track and profile cybercriminals." Caballero also urges improved protection, awareness, and detection measures to "identify attacks as quickly as possible and be able to respond as quickly as possible so that the impact of the incident is zero."