Spain faces a boom in cyberattacks in 2024

Spain is experiencing an unprecedented wave of cyberattacks in 2024 that has set off all the alarm bells. Public and private organizations dedicated to cybersecurity, as well as the general press, have reported serious cybersecurity incidents and their impact.

The highly unstable geopolitical situation and the general boom in cybercriminal activity have created the perfect breeding ground for an increasingly hostile online landscape. In the face of these threats, putting in place a truly effective and comprehensive strategy becomes even more urgent. We analyze.

The Ayesa Case: The Ongoing Threat of Ransomware

Ransomware stands as one of the most damaging and persistent risks today, and recent figures confirm this.

In particular, in Spain, the activity of Lockbit, one of the most prominent ransomware groups, has spiked notably in May, with the public administration sector being a prominent target. Overall, however, the administrative sector ranks fourth after manufacturing, food, and consumer services.

The Ayesa case has been particularly noteworthy. This Spanish multinational, dedicated to providing technological services, was the victim of a ransomware attack in April 2024 perpetrated by the Black Basta group.

According to press reports, the incident affected Ayesa’s technological structure and some corporate servers, though the company managed to block part of the attack thanks to its cybersecurity protocol, including backup systems.

The attack occurred just days after Ayesa announced the purchase of Emergya, a major corporate acquisition of a leading Google partner in Spain.

Data breaches intensify

Incidents linked to data breaches have also risen sharply. A record number of data breach publications were identified in a single week in the first half of 2024, with 27 cases reported, 20 of them occurring in May alone.

Publications concerning Spanish entities have affected all sectors, with the administration sector being the most impacted, followed by the education, banking, and telecommunications sectors.

Stolen information from these incidents is often sold on clandestine Internet platforms, including Clearnet and Dark Web forums, or Telegram channels.

The Iberdrola case has been particularly notorious, as the company suffered an attack in May 2024 that exposed data from 850,000 customers (name, surname, and ID number). According to press reports, the breach occurred “through a supplier,” and the company managed to close the breach “immediately.”

This cybersecurity incident is one of several in May that also targeted other Spanish multinationals, including Banco Santander and Telefónica.

S2 Grupo: Allies to protect against the cybercrime wave

At S2 Grupo, we work to be the cybersecurity allies that companies need in a digital context in which threats are multiplying.

Geopolitical tensions and the rise of organized cybercrime are shaping an increasingly insecure and conflictive digital landscape. Given this reality, organizations must proactively address the problem to minimize risks associated with security incidents.

An effective cybersecurity strategy is also essential for compliance with increasingly stringent legislation focusing on corporate responsibility for data protection and cybersecurity.

In this context, S2 Grupo supports companies and institutions in fortifying their defenses through the following key actions:

• Monitoring geopolitical events: We develop cyber intelligence to prevent incidents based on the detection of patterns and knowledge about significant cyber campaigns linked to geopolitical events. This proactive approach gives us an invaluable advantage in anticipating potential threats.
• Threat modeling: We implement contextual analysis to define defensive strategies and simulate identified cyber threats.
• Comprehensive prevention strategy: At S2 Grupo, we activate real-time incident monitoring, network incident detection and blocking, data collection and analysis, proactive threat analysis methodologies, and advanced systems capable of detecting Advanced Persistent Threats, among other measures, as part of our approach to prevent complex threats such as ransomware and data leaks.

Do you want to protect your organization effectively in a digital landscape where cyber-attacks are increasingly damaging and sophisticated? With two decades of experience in cybersecurity, S2 Grupo’s solutions lead the sector in Europe and Latin America. Contact us to learn how we can help you.