“No entiendo como se comprometió España.” Responder en Inglés, “well my friends, no one is immune to cyber-attacks - no one.” Spain’s State Public Employment Service (SEPE), which coordinates unemployment benefits and ERTE throughout Spain, has been the victim of a cyberattack that has crippled its electronic and face-to-face appointment-setting services and other procedures.[1] A government Spanish spokesman said, “At the moment it is not possible to access the website”, with the Central Trade Union Independent and Officials (CSIF) reporting that the attack has affected the system nationwide, in the 710 offices that provide face-to-face service and in the 52 telematics.
The attack is under investigation by the National Cryptological Center, which are also dependent on the CNI (National Intelligence Center) and SEPE’s own computer equipment. Sources from Spain’s Ministry of Labour told reporters that the virus was only created recently, which is why they have rejected criticism of greater vulnerability due to the age of the programs, after accusations from unions like CSIF. Despite being a ransomware virus, no ransom has yet been requested, only an attempt made to block the system, “with the sole objective of damaging and doing reputational damage”, and there is no report of any data theft.
A department spokesperson from the Minister of Labour and Social Economy has stated that nobody has come forward yet claiming to be responsible for the attack and that the virus has not affected the system that manages the collection of ERTE and unemployment benefits. The general director of SEPE confirmed, “the confidentiality of user data or the management system for the payment of benefits and ERTE has not been affected”, adding that users who had appointments are being now attended by telephone. The director pointed out that according to the technicians, the virus is “the latest version of the RYUK virus” and that the possible reasons behind this action would be to damage the reputation of the organization, saying, “This is a cyberattack similar to the one that other companies or administrations have received globally.”
No one is immune – take precautions ASAP, or in Spanish - “tomar precauciones lo antes posible.” Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization and has reported on this topic several times. For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings: https://attendee.gotowebinar.com/register/3702558539639477516
- Reporting: https://www.redskyalliance.org/
- Website: https://www.wapacklabs.com/
- LinkedIn: https://www.linkedin.com/company/64265941
[1] https://www.euroweeklynews.com/2021/03/09/spains-state-public-employment-service-sepe-website-hit-cyber-attack/
Comments