2023-11-04 05:08:28
The Internet has been a powder keg for decades. The number of cyberattacks has not stopped growing year after year and the major cybercrime mafias have increasingly fewer scruples when it comes to acting against sensitive targets, such as health centers. And everything indicates that the trend is going to increase in the coming years. Or, at least, that is what Félix Barrio, general director of the National Cybersecurity Institute of Spain, hopes, who (Incibe) has spoken with ABC within the framework of the Global Cybersecurity Forum, held this week in Saudi Arabia.
—Spain is always very high in the global rankings of cyberattacks. For what is this?
—Indeed, we tend to always be among the three or four countries that detect the most threats for a decade. And most of them affect the private sector. We detect many attacks because we have very competitive systems in this sense that allow us to filter threats better than other sites. Then, there is an element such as the Spanish language. There are many organizations in the field of cybercrime associated with the world of drug trafficking based in Spanish-speaking countries. And they find it very attractive to attack Spanish interests.
—Aren’t we so bad then?
—It is not a problem of capabilities. We are the second most trained country in Europe in terms of cybersecurity.
—But we still have many vacant jobs related to cyber defense.
—By 2024 we expected that about 84,000 positions would be in demand, according to a study we did a couple of years ago. And we were not wrong. It also warned us that a gap had to be filled between the number of candidates and demand, which could be 40,000 positions. That is why one of the greatest efforts within the recovery plan and the Next Generation funds has been to improve the academic offering and increase it.
—In the last year we have seen very large attacks against hospitals, companies or institutions, such as the recent ‘hacking’ of the Seville city hall. What is going wrong?
—Those sectors that you mentioned, specifically the health sector and local administrations, are being the preferred targets of the waves of ‘ransomware’ attacks (malicious code used to kidnap the victim’s equipment and data and then request a economic rescue) that we are experiencing. In the case of the Seville city council, which was covered by our cybersecurity agency at the National Intelligence Center, we know that the attack occurred about five months in advance. Criminals ultimately go after the targets that have the most vulnerabilities because they have not configured their early incident detection systems. In the case of health entities, the challenge is greater, because in Spain the territorial dispersion is very great and there are provinces in which the number of cybersecurity providers has not reached an optimal level.
—Are we sufficiently aware in the country about the dangers hidden by the Internet or is there still a way to go?
—We have a panel of 3,000 homes that monitors the level of awareness and we see that it rises every month and we are investing a lot in advertising. Many times it goes unnoticed, but the effort and economic investment is great on television or social networks. We have a network of more than 950 cyber cooperators that allows us to give awareness workshops to more than 80,000 schoolchildren a year. We depend a lot on this, because misused technology poses a great risk.
—Now comes artificial intelligence (AI), which represents a new threat. This same week, the Vice President of the United States, Kamala Harris, warned that it was going to provoke the arrival of a wave of cyber attacks “never seen before.”
—AI in itself does not pose a risk. The problem is that in the field of cybercrime it is used to do more damage and reach more victims. But we also use it to defend ourselves and detect attacks. We must know it better and incorporate it into organizations. The most important thing is to promote European regulation that protects us.
—But with generative AI tools like ChatGPT, being a cybercriminal is much easier today. It is not necessary to have great technical knowledge. Has it been negligent to make this technology available to everyone?
—Accessibility to AI is something we must consider. Above all, we must preserve the creation of a global regulatory framework that combines the protection of users and companies against the threats that criminals can create through their use. In any case, we have to keep in mind that making technology available to users has always been revealed as something positive, within a scope of control.
—How do you expect threats to develop in the future?
—We are going to close 2023 with a huge increase in detected attacks, 20% compared to 2022. And they will continue to increase in 2024. ‘Ransomware’ is a scourge that is very difficult to solve. On the Internet it is very easy to find offers from mafias that offer disgruntled employees commissions for facilitating them in carrying out a cyber attack. Interconnectivity through 5G, AI and cybercrime mafias are going to keep us very busy next year.
#Mafias #offer #money #disgruntled #workers #facilitate #cyberattacks