The rise of modern technology has improved and enhanced lives all over the world in a multitude of ways. But it has also brought with it many new risks and threats to us all, and many countries all over the world are placing an increased focus on cybersecurity in order to counter these menaces.

As one of the largest and wealthiest countries in Europe, Spain has made strong efforts to lead the charge and invest time, money, and resources into its systems and organizations designed to fight back against cybercrime [1].

Like most wealthy Western nations, Spain has seen widespread adoption of modern technology. A huge percentage of the Spanish population makes use of the internet on PCs, laptops, smartphones, and other devices every day. But these individuals, as well as businesses and groups of all sizes, are all potentially putting themselves at risk of some form of cyber-attack each time they go online.

Having seen the many high-profile cases of cyber-attacks all around the world in recent years, Spain and its people are more aware of the importance of cybersecurity than ever before.

Cybersecurity institutions in Spain

Spain, like most other European countries, adopted its own National Cyber Security Strategy several years ago. The plan was officially introduced in 2013 and was accompanied by the strengthening of Spain’s pre-existing cybersecurity institutions and networks.

Spain has two different cybersecurity emergency response teams under the names INCIBE-CERT [2] and CCN-CERT [3].

The former was established in 2008 and has jurisdiction all over in Spain, meaning that this is the emergency team responsible for the general public, businesses, and other Spanish groups, while the latter is focused solely on governmental bodies.

The primary cybersecurity institution in Spain is the CNPIC (Centro Nacional de Protección de las Infraestructuras Críticas) [4]. The CNPIC is aimed at bolstering cybersecurity in Spain, raising awareness of the relevant issues, and responding to cyber-attacks. INCIBE-CERT is under the control of the CNPIC and can be used to respond to cyber-attacks.

Spain is also part of the 14 Eyes network, which is an intelligence alliance between major countries around the world, including the United States, United Kingdom, France, and Australia. This alliance allows the intelligence agencies from these countries to make use of various techniques to monitor cyber data and then exchange it with one another, with the aim being to prevent terrorist attacks of various kinds and to protect the people.

The term “cyber war” is not yet particularly relevant in Spain, but leading security experts in the country have stated that Spain could be under threat of a major cyberterrorist attack in the country [5]. This could trigger a larger focus on offensive and defensive cyber war efforts in the future.

Cyber-attack statistics in Spain

The cyber-attacks statistics for Spain are quite worrying, showing gradual increases in the number of attacks from one year to the next [6]. In fact, in many studies and independent analyses, Spain seems to be one of the biggest victims of cybercrime out of the major European nations [7].

Back in 2011, Spain encountered its biggest cyber-attack. Telefonica, a huge telecommunications company in Spain, as well as several other companies around the country and neighboring countries, was affected by ransomware [8]. Ransomware is a type of malware that locks users out of their own data, with the promise to release that data in return for payment, usually cryptocurrency.

This was one example of a major corporation being targeted by cyber criminals in Spain, but most attacks are occurring at smaller levels.

Statistics from Spain’s National Cryptology Center revealed that up to 90% of the nation’s most severe cyber-attacks were from foreign sources, including foreign governments [9].

Since 80% of critical infrastructure in Spain is held privately, the private sector is at great risk of cyber-attacks in Spain.

As in most other countries around the world at the moment, only a small percentage of cyber criminals actually end up in court in Spain. Statistics for 2017 show that 3,714 cases of fraud via information and communication technologies reached the courts, with several hundred additional cases also making it to court, where small prison terms and fines can be imposed. But many cyber criminals escape unpunished [10].

Educating society

Spain is still making progress towards providing stronger cybersecurity measures, with several new organizations and research centers opening in recent years, like the “Cybercat” center in Catalonia. The country and its authorities have an open-minded and proactive approach to cybersecurity, welcoming new ideas and initiatives.

A big focus of Spain’s National Cyber Security Strategy is to educate the general public on cybersecurity and raise awareness regarding cyber-attacks and what can be done to safeguard against them. The country’s authorities understand that, in order for the statistics on cybercrime in Spain to start dropping, the Spanish people need to know exactly what they’re dealing with and learn the best ways to protect themselves against it.

One of the main areas in which Spain has excelled when compared to some other European countries is in education and training possibilities related to cybersecurity. A big part of Spain’s National Cyber Security Strategy is “raising the awareness of citizens, professionals and companies about the importance of cyber security.” [11]

To this end, the country has introduced a variety of new educational tools and courses to teach people all about cybersecurity and the importance of safety and protection when using communication devices. Spain’s main aim here is to create future generations who are much more “cybersecurity savvy” in order to reduce the likelihood of cyber-attacks.

Most popular cybersecurity tools in Spain

Spain is a highly developed nation, but it is still lagging a little in terms of online security. While statistics show that most Spanish people use the internet on various devices each day, a worrying amount of those users don’t actually make use of encrypted connections or any kind of protection to stay safe online.

Some studies even indicate that over 75% of Spain’s internet users are completely unsafe.

This is particularly worrying as it puts everyone at greater risk of cybercrime.

Thanks to the efforts of Spain’s cybersecurity initiatives, more and more people are adopting cybersecurity systems and software. Anti-malware is the most popular choice, but a small and growing contingent of Spanish people are also making use of VPNs in order to stay safe online. Progress has been slow in Spain when compared to other big European nations like the United Kingdom or Germany, but individuals and businesses are now beginning to understand the importance of cybersecurity.

Recommended read:

Best VPN for Spain

Resources used:

  1. http://cybersecurity.bsa.org/assets/PDFs/country_reports/cs_spain.pdf
  2. https://www.incibe.es/en
  3. https://www.cybersecurityintelligence.com/ccn-cert-1922.html
  4. http://www.cnpic.es/en/Ciberseguridad/index.html
  5. https://elpais.com/elpais/2018/10/10/inenglish/1539186888_353824.html
  6. https://www.websitebuilderexpert.com/blog/eu-cybercrime-risk/
  7. https://www.enigmasoftware.com/top-20-countries-the-most-cybercrime/
  8. https://www.reuters.com/article/us-spain-cyber/telefonica-other-spanish-firms-hit-in-ransomware-attack-idUSKBN1881TJ
  9. https://elpais.com/elpais/2016/11/23/inenglish/1479898285_335299.html
  10. https://www.intelpage.info/centro-nacional-de-proteccion-de-infraestructuras-criticas8.html
  11. https://www.first.org/resources/papers/riga2009/inteco-cert_presentation.pdf