Collaboration between industry, academia, and society is essential to finding practical solutions to cyber threats.
In the midst of the digitalization era, cybersecurity takes on special importance. This is reflected in the National Security Law passed in 2015, which recognizes it as an area of special interest to national security.
Data provided by the Ministry of the Interior in the Report on Cybercrime show that in 2022, 374,737 cybercrimes were recorded and, according to the Quarterly Crime Report for the fourth quarter of 2023, cybercrime increased by 25.5% in that year compared to 2022.
In this context, local councils are exposed to these cyberattacks, such as the one suffered in Torre Pacheco in early March 2024. The case of Murcia is no exception; the local government of Los Llanos de Aridane (Santa Cruz de Tenerife) suffered the same misfortune. Others include the local governments of Castellón de la Plana, Xixona, Manises, and the University of Cádiz.
The reality is that local governments are particularly vulnerable institutions for several reasons:
1. Obsolete technological infrastructure: many local administrations operate with obsolete systems and software that often lack adequate security updates.
2. Limited budgets: financial resources are often restricted, limiting their ability to invest in advanced cybersecurity measures.
3. Valuable data: they handle a large amount of sensitive data, including personal information about citizens, businesses, and documentation critical to the functioning of the city.
4. Impact on public services: attacks on city councils can have serious consequences, as mentioned in the previous point. These include waste management, emergency services, public transportation, among others. This increases the pressure to pay the ransom quickly.
5. Lack of awareness and staff training: City council staff may not be adequately trained in cybersecurity practices, increasing the risk of cyberattacks. Awareness and training are essential to reduce these risks.
6. Dependence on third parties and software: City councils often rely on external providers for service management. If these providers do not maintain high cybersecurity standards, they can become entry points for attackers.
How to tackle cybercrime
A multidisciplinary approach is needed to tackle cybercrime, as it is a complex phenomenon that encompasses very different areas, such as technology, law, psychology, and criminology. Therefore, highly specialized knowledge in all these areas is necessary.
This is why cross-sector collaboration is key. Joint work between the public, private, and academic sectors allows for the development of solutions that enable institutions to be prepared.
*This initiative is carried out within the framework of the Recovery, Transformation, and Resilience Plan funds, financed by the European Union (Next Generation), the Spanish government’s project that outlines the roadmap for the modernization of the Spanish economy, the recovery of economic growth and job creation, for a solid, inclusive, and resilient economic reconstruction after the COVID-19 crisis, and to respond to the challenges of the next decade.
