SEVILLE – The town hall of Seville fell victim to a major cyberattack this week. The hackers, from the Netherlands, originally demanded an amount of €5 million. Later they dropped to 1.5 million and eventually to €1 million.
Juan Bueno, the delegate for digital transformation, confirmed this during a press conference. According to Bueno, no personal information has been leaked, but the investigation is still ongoing. “We do not negotiate with cybercriminals. We cannot accept demands from criminals,” he said firmly.
Who is behind the cyberattack?
The attack was carried out by Lockbit, one of the most essential hacking groups in the world. According to the Spanish press, it is of Dutch origin. However, other sources are not sure. It is clear that Lockbit has attacked several Dutch institutions, including the KNVB. Furthermore ,Lockbit specialises in these types of attacks. Previously they also performed one on the British Postal Service, Royal Mail.
Measures and consequences
Consequently, and as a precautionary measure, all 4,000 municipal computers have been taken offline. This has led to a shutdown of all digital public services. Emergency services remain operational and residents can go to the municipal counters for all their enquiries. A special team, including experts from Telefónica and the National Cryptology Centre, has been formed to tackle the problem.
Future and security
Bueno confirmed that the town hall had invested in cybersecurity and that this theme will receive more attention in future budgets. “We were already on the right path to improvement,” he said. “There is no need to panic. We are working hard to normalise the situation as soon as possible,” Bueno assured the public.
In the meantime, most urban services are being carried out manually. “We’re back to pencil and paper for now,” he said, apologising for the inconvenience.
Previous cyber attacks
It is not the first time that the Seville city council has had to deal with a computer attack. Last year, a cyberattack disabled the app of the city transport company Tussam and the information panels at bus stops. In 2021, the municipal Spatial Planning Department also fell victim to computer fraud scams. This concerned the Christmas lighting contract, in which the criminals appropriated the winning company’s data worth one million euros.
What is Lockbit?
LockBit is a type of malicious software known as ransomware. It is designed to block access to computer systems and encrypt files, demanding a ransom from the victim in exchange for the decryption key. LockBit works by encrypting the victim’s files, making them inaccessible until the ransom is paid. This ransomware is infamous for its use in targeted attacks on various organisations and institutions, including businesses, healthcare providers, and even government agencies.
Therefore, to protect against LockBit and other ransomware threats, individuals and organisations should implement robust cybersecurity measures, regularly update software and security systems, and educate users on safe online practices. Additionally, having reliable data backups is essential to recover files during a ransomware attack.