CSIS, Superior Council of Scientific InvestigationsHe is not having his best moment. This is the main state center for scientific research and technological development in our country, which works directly under the protection of the Ministry of Science and Innovation from Spain. On July 16, a computer attack with ransomware left this center out of service. Two days later, the decision was made to disconnect the agency from the Internet in order to protect all the information stored on its networks. Since then, the center remains disconnected from the network, and no one is doing their part to solve the problem.
The ransomware attack took place between July 16 and 17, but it was not until this week that the Ministry of Science and Innovation finally made it official through its Twitter account. And it has done so after the complaints of the CSIC workers themselves on social networks.
The @CSIC received a ‘ransomware’-type cyberattack on July 16 and 17.
The cyberattack was detected on July 18 and the protocol marked by the Cybersecurity Operations Center and the National Cryptologic Center was immediately activated.https://t.co/Ea99tkaOpv pic.twitter.com/81Ts75fYQR
— Ministry of Science and Innovation (@CienciaGob) August 2, 2022
Not many more details are known about this computer attack, very similar to the one that, months ago, took place in SEPE, in Renfe, and even in Telefónica a few years ago, and left entire organizations without service. The first investigations indicate that it may be a ransomware of Russian origin, although nothing is completely confirmed. The good side is that no losses or kidnappings of sensitive or confidential data have been detected, although the development center refuses to pay any type of ransom to recover the rest of the kidnapped information.
A management of shame
We always complain that Spain does not invest in science or technology, and that the great minds of our country have to go to work abroad. But it is that, with this type of management, it is totally understandable, since not even the Ministry of Science and Innovation cares for providing a solution to the problem and allowing the more than 11,000 workers to continue with their work. As Pablo Chacón, a CISC researcher, argues in a column for the ABC newspaper, a similar cut in other centers such as NASA, EMBL or CNRS would have meant the immediate resignation of those most responsible.
In this column, Pablo Chacón also criticizes the action of CNN and the COCS, since they decided to cut the cable, metaphorically speaking, and leave the entire organization without Internet when the attack was minor and was completely localized and isolated. The incompetence of the Government reaches such a point that some researchers have had to start using mobile data to be able to continue working connected to the Internet. And mobile calls to communicate with other departments, since not even the landline network works.
Since last March, Spain has had a cybersecurity alert level of 3 points out of 5 due, among other reasons, to the war between Russia and Ukraine. However, it is clear that the Ministry of Defense is not doing its job well if it not only allows infections, but also leaves one of the most important research centers in Spain without the Internet and without the possibility of working. But the important thing is, after all, to work without a tie.
