MADRID, 27 Jul. (EUROPA PRESS) -
The National Police have arrested the two alleged perpetrators of a cyberattack on the radioactivity alert network (RAR), of the General Directorate of Civil Protection and Emergencies, perpetrated between the months of March and June 2021. Specifically, they has proceeded to arrest two former employees who worked on the system's computer maintenance system.
In the same operation, carried out in Madrid and in the town of San Agustín de Guadalix, two addresses and a company were registered, under the decree of the Investigating Court No. 39 of Madrid. "Numerous computer and communication devices related to the facts investigated" were found in this device, the National Police explained in a statement.
The so-called 'Gamma' operation began in June 2021 with the presentation, by the General Directorate of Civil Protection and Emergencies (DGPCE), of a complaint informing of a series of cybersabotage perpetrated against the network alert to radioactivity (RAR), which would have affected a significant number of elements of the network.
The RAR system consists of "a mesh of sensors" for detecting gamma radiation, deployed in certain points of the Spanish geography in order to monitor the possible appearance of excessive radiation levels and take protective measures for collective health and the environment.
Each of the sensors in this network is connected by telephone to the control center at the DGPCE headquarters and, through this connection, the control center receives information on the measurements and transmits the necessary orders to the sensors.
In this way, the Cyberattacks group of the National Police took charge of the investigation immediately and, after analyzing the case, determined that it was directed at the two main components of the network.
On the one hand, there was an illegitimate intrusion into the computer system, which had as its objective the deletion of the RAR management web application in the control center. On the other hand, and for two months, the authors of the computer sabotage attacked more than 300 sensors out of the 800 existing ones, causing the failure of their connection with the control center and thus reducing the detection capacity of the network.
The speed of action by the General Directorate of Civil Protection in denouncing the cyberattacks, as well as its full collaboration with the investigative unit, was "key" to clarifying the case.
And it is that after a police "exhaustive technical analysis" of all the communications of the sabotaged sensors, as well as of the data related to the intrusion in the computer system whose origin could be located in the public use network of a well-known hotel establishment in the center of Madrid, allowed the authors of the cyber attack to be identified.
During the investigation it was determined that the two detainees had been responsible for the maintenance program of the RAR system, through a company contracted by the DGPCE, for which they had in-depth knowledge of it, which made it easier for them to carry out the attacks and helped them in their efforts to mask their authorship, significantly increasing the difficulty of the investigation.