INTERIOR BLINDA ITS WEB PAGE AGAINST THE THREAT OF PROCORRUSOSE CIBERPIATES | Spain

Artificial intelligence against computer pirates. The Ministry of Interior has initiated the tender of a contract that allows it to access, during the next two years, to the Recorded Future database, an American company specialized in digital surveillance that collects information on potential cyber -cyber threats by automatic tracking with artificial intelligence of millions of data collected both in the open internet and in the Darkweb (dark network) and the Deepweb (deep network). The objective of the department of Fernando Grande-Marlaska, as recognized in the bidding file, is to shield the applications with which it relates to citizens, including its website, in front of hackers And, specifically, front to the self -denominated group Noname057considered close to the regime of Vladimir Putin and that is expressly cited in the contest documentation.

This proruso group, emerged in March 2022 after the invasion of Ukraine by Moscow, has claimed in these three years numerous sabotage campaigns in Spain, including several attacks on government websites, of companies in the defense sector such as Navantia and Indra and the Bank of Spain. On July 23, 2023, the day of the last general elections, Noname057 He tried to knock the interior website and caused specific problems for three hours, although at no time affected the special page on which the scrutiny was reported in real time. Three alleged members, all of Spanish nationality, were arrested in July of the year by the Civil Guard in the Mallorcan town of Manacor and in the Andalusians of Huelva and Seville.

In the hiring file – which includes an investment of 791,340 euros, VAT included – interior stands out « The incessant growth of cyber attacks that the public sector is suffering ». It also recalls that in the reports prepared by the National Cryptological Center (CCN, framed in the CNI) « the activity is revealed » Noname057 and his links with “the well -known group Hackivist Proruso Killnet With those that coordinated to attack government websites in countries that, he said, threatened Russia, including Austria, Spain, Germany, France, United Kingdom, Latvia, Poland, Ukraine and the United States, among others. ”

« Since then, » interior continues, « the group members have carried out attacks independently against government institutions, media, financial, energy, transport and telecommunications companies in countries in Europe, which claimed in channels of (the application of instant messaging) Telegram. » At this point, it emphasizes that this proruse group does not send messages “to encourage its followers to join the campaigns” – basically attacks of the so -called denial of distributed services, or ddos ​​for its acronym in English, consisting of the massive sending of traffic to a website to collapse it – but only advertises them “once performed”.

Therefore, Interior believes it necessary to have information previously to combat it and the best way to do so is to “have access to a specialized intelligence database, such as the Remember Future platform, which has become the largest repository with reliable and actionable information,” he emphasizes. Specifically, he wants to acquire « two subscriptions » to have access to this repository and three specific modules offered by the US company. Specifically, the one that allows anticipating the potentially important threats and the objectives of cyberpiratas; the so -called « attack surface », to know the potential risks of the Ministry’s website and take measures to reduce or manage them; and the one referring to « identities », to prevent attackers to use stolen credentials to enter the department’s systems.

« The collection and classification technology of Recorded Future makes all these data available for real -time searches, with information for years, » says Interior, indicating that he uses this database since last November. In these six months, its specialists have already found “the usefulness of the service and the need to maintain it in order to mitigate the threats that arise and thus prevent the systems from being compromised and the security of them is put at risk”, emphasizes the documentation of the tender.

On its website, the company ensures by offering its services that, thanks to its databases, customers can identify “the most important threats, which allows it to prioritize and act quickly, before the attacks take shape and impact their business”. It also presumes more than 1,900 customers in about a hundred countries, including more than 45 governments and more than half of the companies in the list Fortune 100which collects the largest mercantiles in the world. Interior aspires to be one of its customers at least during the next two years.