The pandemic leads to a rise in cyberattacks in Catalonia
TEXT: Mercè Molist
Everything related to cybersecurity is sky-rocketing. The individuals and organisations attacked are growing, the companies that protect against attacks are growing, and the salaries of their employees are growing. “It is calculated that in 2021 there will be a cyberattack somewhere in the world every 11 seconds”, according to a study by ACCIÓ and the Catalan Cybersecurity Agency.
According to the study, 99% of all Spanish companies admit to having suffered a cyberattack in 2020, with an average of five per company. 43% were aimed at SMEs, for which an attack costs an average of €35,000. The most exposed sectors are the public sector, the energy sector, the manufacturing industry and, as a result of the pandemic, health providers.
The study indicates that the pandemic “has created a favourable context for cybersecurity incidents”. It has served as a catalyst for the digital transformation, good examples of which are the increase in e-commerce and telework, but unfortunately this has, in turn, led to “an increase in the area of cyberattacks”, explains the study. And it adds: “Cybercriminals have focused on cashing in on fear and confusion with mass fraud campaigns, phishing and attacks on the new IT infrastructures of telework”.
According to the study, the increase in cyberattacks in 2020 was exponential and half were due to the increase in telework following the pandemic: “Over half the organisations were not prepared for the digitisation involved in implementing telework”.
The attacks to have risen most were those involving malware (around 30,000%) and the most frequent threats as well as malware are fraud, social engineering and data theft. In August 2020 in Spain, the railway company Administrador de Infraestructuras Ferroviarias (ADIF) suffered a ransomware attack in which 800 GB of confidential data was stolen. In October, Endesa also suffered a ransomware attack.
Ransomware is currently the malware that company are most afraid of. It is a virus that encrypts the entire contents of a computer and demands a ransom to decrypt it. It has catastrophic results if it enters a company and encrypts all the computers. Phishing, which has been previously discussed, is also a classic suffered by companies and individuals alike: a message that tricks the recipient into giving away their passwords or downloading a virus.
“Over half the organisations were not prepared for the digitisation involved in implementing telework”
The study focuses particularly on the cybersecurity capacities of Catalonia, which is in a good position, despite not being the world hub of cybersecurity like the United States, the United Kingdom, Canada or Israel: it has 361 companied that deal in cybersecurity, 83% of which are SMEs, and almost 7,000 employees: “The demand for cybersecurity professionals in Catalonia has almost doubled. According to Experis IT, Barcelona is where talent is most greatly rewarded, with average salaries reaching 47,000 euros”, says the study.
The sector’s turnover in Catalonia stands at around 820 million euros. Half the companies have a turnover of over one million, which rises to 10 million for 23%. These companies basically deal in protecting other companies: they manage their backup copies, securely store their data, and ensure the security of their computers and mobile phones.
Given this panorama, it is hardly surprising that there is increasing demand for cybersecurity services in Catalonia, as can be seen by the rising figures of the sector’s companies, which have risen by 2.5% in comparison with 2019, while their employees have increased by 16.9%.
The study also identifies the main cybersecurity bodies in Catalonia: Cybercat, the cybersecurity research centre in Catalonia, which combines six of Catalonia’s public universities, and the Catalan Cybersecurity Agency, which is a public cybersecurity service that was just created in 2020.