Professor of Artificial Intelligence and Big Data at the Universidad Europea
hese days we are experiencing a tragic situation with the war between Russia and Ukraine, the consequences of which are affecting many other countries to a greater or lesser extent. One of the effects of this war has been the increase in cyber-attacks on states that have taken a pro-Ukrainian stance. Although it is very difficult to prove the origin of the attacks, and although Russia denies that they are responsible for this proliferation of digital aggressions on the web, all experts point to the fact that the increase in security incidents that are occurring mainly come from Russia and countries sympathetic to Vladimir Putin’s state.
For years, wars have been fought on two battlefields: The traditional physical one, with tanks and rockets; and the digital one with armies of hackers trying to gain access to opposing information systems. There are many types of cyber-attacks, but in these conflicts, the most common cyber-attacks are mainly aimed at collapsing critical infrastructure such as power plants, water treatment plants or even the basic services of hospitals. They also focus on everything that has to do with information and the image of the contenders, with disinformation and secret disclosure campaigns aimed at damaging the reputation of the contender.
For this reason, in the last week, the Spanish government has made a move and announced the National Cybersecurity Plan, which includes a series of actions to reinforce the critical IT systems of the state and the country’s companies. This campaign is focused on the prevention of possible attacks, urging companies and administrations to update their computer programmes and to reinforce measures to protect against malware and intrusions. In addition, the creation of a Security Operations Centre (SOC) for public administrations has been announced. These measures are much needed and should have come sooner. Unfortunately, the issue of computer and communications security has been neglected in Spain, especially in the administration and in SMEs, and we are starting from a very precarious situation in this regard, which means that we are currently vulnerable to this type of attack.
The conflict between Russia and Ukraine has been the trigger that has caused the government to reflect and react, but even before that there had been an increase in the number of cyber incidents in companies and private computers. During 2020 alone, the number of daily cyber attacks increased by 125%. Although a significant part of this increase is justified by the increase in teleworking in the wake of the pandemic, which led to greater exposure, the trend in the number of attacks on companies and individuals had already been growing significantly for years before COVID-19. This is also due to a “professionalisation” of the digital criminal: the profile of the “hacker” is no longer that of the isolated person, working in a dark basement and driven mainly by curiosity. Online criminals are now organised. They are part of criminal groups that have a wealth of resources and are driven by economic motives. These groups seek to steal data, steal sensitive information or hijack a company’s computers for ransom. For years now, cybercrime has been more lucrative than drug trafficking.
One of the regrets of companies when planning strategies to protect the security of their systems is the difficulty of being able to hire personnel trained in this area, which often leads them to have to train their own workers, recycling them from other positions that have little or nothing to do with network and information security. This strategy, which is increasingly common in companies, has a risk: the lack of a solid training base in the underlying technologies, which makes it more difficult for these profiles to adapt to the continuous changes in the techniques used by hackers to search for security breaches. For all these reasons, we need to promote vocations in information technology and specialised training programmes in cybersecurity, because having this type of profile specialised in security policies is the most effective way to minimise the risks of an intrusion or theft of information, which could even lead to the disappearance of a company if it is unable to recover and restore the data after a cyber-attack.
© All rights reserved