In global fight against cybercrime, Spain becomes a front line

Spanish police stopped two major hacking schemes in the country in recent months, raising alarm among experts about increasing activity in the country. Why is Spain a hacking hub?

May 20, 2013

As cybercrime increases worldwide, high-profile arrests of hackers are becoming routine in Spain, both as a target and an origin of attacks.

Two of the most sophisticated cybercrime operations disrupted in the world this year have used Spain as a headquarters. Internet watchdog reports show malicious online activity is on the rise in the country. And while Spanish online policing is regarded as among the most proficient in the fight against cybercrime, the effort is stretched thin.

Experts say that Spain's situation stems from a combination of factors, including the country's economic crisis, its widespread Internet infrastructure and online expertise, and a long culture in defense of privacy and accompanying laws.

Tracing fentanyl’s path into the US starts at this port. It doesn’t end there.

“Spain is in diapers in terms of cybersecurity. We are facing a problem of great magnitude, and perhaps it has already overwhelmed us,” says Antonio Ramos, IT professor in the Universidad Complutense de Madrid and other universities, an expert in hacking, and owner of cyber-security firm StackOverflow.

“The problem is that we don’t use the available resources adequately," he says. "And if we don’t improve, this war is lost.”

A hacking boom

Just a few weeks ago, Dutch hacker Sven Olaf Kamphuis was arrested by Spanish authorities on a warrant from the Netherlands. Mr. Kamphuis reportedly used a van packed with technology to break into networks and attack websites anywhere in the world, and is believed to have launched one of the largest cyberattacks ever in March, taking down the page of the anti-spam watchdog Spamhaus.org.

Kamphuis is said to be the owner of the Internet service provider Cyberbunker, which authorities believe is active in several forms of cybercrime. He was extradited to the Netherlands earlier this month.

And in a separate international operation in February, police in Spain arrested 11 people who authorities believe ran one of the biggest and most lucrative cybercriminal gangs ever, allegedly extorting around €1 million in Spain alone. The group is accused of hacking computers to lock up and then display a message purportedly from police, accusing users of some violation and demanding payment of a €100 fine to release it.

The gang – mostly Russian, with some Ukrainians and Georgians – used Spain as their headquarters. They are accused of infecting computers in over 30 countries with malware, netting millions. Despite the arrests, though, the malware remains active and victims are still accumulating.

The two incidents are just the highest-profile ones this year. Malicious activity increased in 2012 from the year before in Spain, which moved from 18th to 12th in a rank of overall malicious activity per capita by source country, according to the bellwether Symantec 2013 Internet Security Threat Report.

The United States and China top the list. Spain is consistently ranked in the top positions in Europe. Most of the increased activity in Spain came from infected spam zombie computers.

And in 2011 and 2012, Spain announced several arrests of people connected to the Anonymous movement, including some of the group’s leaders. The loose collective has claimed responsibility for hacking attacks on government sites in Spain and Latin America, as well as on companies including Sony, several banks, and energy firms.

Why Spain?

Several economic, infrastructural, legal, and even cultural factors are combining to fuel Spain's cybercrime and overwhelm authorities, experts say.

The economic crisis – which has hit Spanish youth particularly hard – is likely increasing the allure of criminal activity. Unemployment among Spain’s youth is nearing 60 percent. “To crack a digital lock, people can earn twice their salary, and that is tempting,” Mr. Ramos says.

And the crisis is also luring middlemen to launder illegal money in the country. “It’s easier now to recruit intermediaries who hide crimes, and many come from abroad to manage them,” says Juan Carlos Ruiloba, a university professor and former head of the Spanish police cybercrime unit.

But it is not simply a matter of resources, Mr. Ruiloba adds. There are not enough resources, he says, "but the problem is more about how these are managed.”

“Cybercrime police groups are overwhelmed. Every time there is just a little technology involved" in a crime, Ruiloba says, regular police pass it on to the cybercrime specialists "and it’s too much. Other police groups should be able to investigate at a minimum level.”

There are also legal and enforcement issues that protect the online community from state interference – and as a result, help shield cybercriminals from scrutiny. Spanish legislation is some of the most zealous in terms of protection of privacy, allowing cybercriminals to more easily hide from police and courts, which, for example, by law must authorize the police every time they want to read a hard drive. “These privacy issues help criminals,” Ruiloba says.

“Spanish legislators have not done their job of closing these loopholes,” says José Luis González, a law professor in Valencia University who has written on cybersecurity legislation. “Spain has not regulated many things that should be spelled out in terms of” information technology, he says.

It’s also a cultural problem. Spain is an online nation – two-thirds of the population had a broadband Internet connection in 2012, according to Spain's National Statistics Institute. And Spaniards have an ingrained belief that the Internet should be free of regulation: a mind-set that also makes it hard to fight illegal piracy of copyrighted content.

“People believe there should be no rules. We are making freedom of the Internet an absolute right here, which trumps all other interests,” says Dr. González.

But the government is not showing signs of responding to such criticism, because of strong public opposition to reducing legal protection of online privacy. Victor Domínguez, president of Spain’s Internet user association Asociación de Internautas, says that decreasing privacy is not the solution. Rather, he says, the government needs to better understand the online world and how to confront cybercrime.

“I think the government is afraid of the Internet," he says. "Because it surprises them, they don’t want to take the bull by his horns. It’s easier for them to criminalize the Internet.”