The global instability generated since last February 24 by russian invasion of ukraine has caused a notable increase in cyberattacks on the computer systems of the Council of Tenerifewhich went from receiving an average of between 140,000 and 180,000 weekly sabotage attempts in the first days of the year to counting more than 200,000 in the first week of war, as he acknowledges the insular director of Modernization of the Cabildo de Tenerife, Daniel González. The increase in the last four years has been very notable: in 2019 an average of 70,000 weekly attacks were registered; more than 100,000 every seven days in 2020; an average of 180,000 in 2021, and in 2022 peaks of 200,000 have already been recorded in just one week.
González stresses that the firewall system or firewall the Council of Tenerife, whose function is to protect your internal network from intrusions, attacks or viruses, “blocks these attempts, which has allowed us that the serious impacts have been zero so far.” Despite the large number of attacks, the island administration has come out unscathed and has not suffered the consequences that, for example, they did block the Public State Employment Service (Sepe) in March 2021.
The island administration of Tenerife received an average of 70,000 weekly attacks in 2019, a figure that in 2020, the year the pandemic began, grew to 100,000.
The computer defense of the Cabildo de Tenerife has a cost of around one million euros for a period of four years, which began in 2021. The Tenerife administration has an agreement with the National Cryptologic Center (CCN), which depends on the National Intelligence Center (CNI), the Spanish espionage service. “We have meetings every week and we follow their recommendations,” he details. Daniel Gonzalez. This agreement already benefits the Island Council and the five municipalities with the least population on the island (Vilaflor, Fasnia, El Tanque, Buenavista and Los Silos). Now it will begin to be applied in 12 of the 17 municipalities with less than 20,000 inhabitants and public institutions such as the Institute of Social and Socio-Health Care (IASS)“until we complete that list of 17 municipalities.”
“Cybercriminals sometimes have access to very powerful technology for military use that comes from the secret services of third countries. That forces us to ally ourselves with the CNI”
“We make an effort to protect the Cabildo, but we have to get involved to guarantee the cybersecurity of smaller administrations such as Vilaflor Town Hall, that alone a minimum protection system could not be set up to defend against cybercriminals, who sometimes have access to very powerful technology for military use that comes from third country secret services. That forces us to ally ourselves with the CNI.”
Daniel Gonzalez ensures that for the National Cryptologic Center, «the Cabildo de Tenerife is the national benchmark for councils and councils. They have set us as an example to imitate in this second year of joint work. It has been a success because to date we have not had any major impact, despite the high number of attacks.
In just two years, the number of cyberattacks on the Cabildo de Tenerife has multiplied by 2.5, reaching a weekly peak of 200,000 at the start of the war in Ukraine.
“Behind this volume of attempts there are many automated systems, which allow them to attack us through robots that are the ones that launch these continuous attacks to try to find weaknesses. In October 2021, for example, an unusual number occurred: one million attacks in seven days.. The important thing is that for now we have managed to stop them and that means that we are less and less attractive to these cybercriminals. It is not being profitable for them to attack us and we hope to be able to discourage them”, explains the person in charge of the insular Modernization area.
“In the world of cybercrime, the most important thing is to have information. It is something similar to what happens with the pandemic. It is necessary to have information on the latest variants of attacks and computer viruses that occur in the world. Get to know them as soon as possible, even if it is an attack on the City Hall of Buenos Aires, in Argentina. And in this aspect, the work of the CCN and the CNI is fundamental, since they have access to international information that allows us to anticipate everything that is coming”, specifies the insular director.
According to González, «we have to try to do prevention, anticipate the attacks. For that we need adequate and updated technology, with information from the rest of the world, and also have specialized personnel. A team of cybersecurity experts capable of resolving those incidents.” In the case of the Cabildo Tenerife there is three external specialists expressly dedicated to stopping these attackswith the support of Cabildo staff, who improve their training with specific courses and various security drills.
The insular investment in cybersecurity, which It started for 800,000 euros and is already over a millionwill allow this protection to benefit the Council of Tenerife and to the 17 municipalities of the island with less than 20,000 inhabitants.
“These are automated and generalized attacks”
The superior engineer in computer science from the University of La Laguna, hacker and cybersecurity expert deepak daswani downplays the attacks suffered by the Cabildo de Tenerife, since it considers that “they are generalized, automated and massive actions in a context of great instability in the world, which are not specifically directed at this administration.” Daswani states that “Russians are number one when it comes to cybercrime, but in this turbulent social context, attempted attacks have multiplied across the board. Cybercriminals take advantage of these situations, as happened with the pandemic, to make a killing. In his opinion, “detecting more attacks is now normal. Cyberspace has become another battlefield for everyone.”