Those responsible for the cyber attack on the General Council of the Judiciary used the governing body of judges as a window to access various government agencies and steal information from hundreds of thousands of Spaniards. The most serious consequences were experienced at the tax agency, where the attackers obtained data from almost half a million taxpayers, sources close to the case told elDiario.es.
The seriousness of the attack mobilized the information and intelligence services and motivated the opening of an undercover investigation at the National High Court. Those in charge of the investigation were initially surprised by one piece of information: it wasn’t just an act trawlingThe massive data breach, but the cyber attackers were looking for specific names, people with public profiles, the same sources added.
The General Council of the Judiciary said in a press release last Tuesday that it had discovered a “cyber attack on the networks of Spanish public administrations, in which the Judicial Neutral Point (PNJ) was affected. This name refers to the telecommunications network that connects the courts and other judicial bodies with the rest of the state institutions, but whose management depends on the ruling judges on the body.
In fact, this judicial neutral point was the original target of the attack, presumably to jumpstart the rest of the related institutions. One of them is the General Directorate of Police, from which hackers obtained the data of up to 50,000 members of the corps. The “hackers” or their clients now have the name, address and other information that appears on the DNI of these national police officers.
However, the main concern of the researchers is the tax agency. Each taxpayer’s cell stores very diverse and complete information, such as income, property, their declarations to the public treasury itself… In March last year, Iberdrola announced a cyber attack that affected 1.3 million users, but in this case, stolen data such as DNI, address, phone number and email address,
As reported by the CGPJ, other organizations are the Employment Service or the National Institute of Social Protection. When the attack was detected, the CGPJ reported the attack to the Cyber Security Operations Center of the State General Administration and its Public Bodies (COCOS) and the National Cryptology Center, which depends on the CNI.
Judge spying on government phones
This Thursday, the National Court announced that the 2nd head of the Court of Inquiry, José Manuel Calama, opened on October 20 the investigation process for crimes committed against the nation’s high-ranking body and for the discovery and disclosure of secrets.
The investigating magistrate assigned the investigation to the General tion Police Department and ordered the proceedings to be kept secret for one month. At the same time, the judge requested two separate reports from the National Cryptology Center and the tax agency.
Sources in the National High Court report that Kalama was a judge on duty when the CGPJ decided to file the appeal. The Chairman of Court No. 2 also orders the government’s complaint regarding the theft of information from the mobile phones of the President and two ministers of the executive branch by means of spyware.
At this stage of the investigation into the cyber attack on CGPJ, there is no reliable indication of its origin and intentions, or whether it is foreign to the government, for profit, or comes from activism. Undoubtedly, it was a deliberate attack focused on the judicial neutral point, as it was the gateway to various government agencies.
Source: El Diario