The Higher Council for Scientific Research (CSIC) was the victim on July 16 and 17 of a ransomware-type cyberattack, an extortion carried out through a malware that can be introduced, for example, in company equipment: computers, laptops and mobile devices.
In the absence of the final report of the investigation, the experts point out that its origin comes from Russia, as reported on Tuesday in a statement by the Ministry of Science and Innovation, on which this body depends. To date, no loss or hijacking of sensitive or confidential information has been detected and the measures used to control this action have led to a network access cut in various centers for days —in some it still lasts—.
The cyberattack was detected on July 18 and the protocol marked by the Cybersecurity Operations Center (COCS) and the National Cryptologic Center (CCN) was immediately activated. This is similar to what other research centers such as the Max Planck Institute or the US space agency NASA have suffered, as indicated by the Department of Science.
The measures used to control and resolve the attack have led to a cut of access to the network in various centers, following “the strict international protocol” necessary to stop the incident and guarantee that the attack does not spread to the centers that have not been seen. directly affected, the sources explain.
To date, just over a quarter of the CSIC centers already have a connection to the network and in the next few days it will be restored throughout the network of centers.
The CSIC has multiple security mechanisms that prevent more than 260,000 registered attacks daily, according to the ministry.