Those responsible for the cyberattack on the General Council of the Judiciary used the governing body of the judges as a window to access different State agencies and steal information from hundreds of thousands of Spaniards. The most serious consequences were experienced at the Tax Agency, where the attackers obtained data from nearly half a million taxpayers, sources close to the case have revealed to elDiario.es.
The seriousness of the attack has mobilized the Information and Intelligence services and has motivated the opening of a secret investigation in the National High Court. Those responsible for the investigations were struck by one piece of information from the beginning: it was not just an act of Trawlinga massive data leak, but the cyberattackers searched for specific names, people with a public profile, add the same sources.
The General Council of the Judiciary reported last Tuesday in a press release that it had detected “a cyber attack on the networks of the Spanish Public Administrations in which the Judicial Neutral Point (PNJ) was affected”. This name refers to the telecommunications network that connects the courts and other judicial bodies with the rest of the State institutions, but whose management depends on the governing body of the judges.
In reality, this Judicial Neutral Point was the initial objective of the attack, presumably in order to jump to the rest of the connected institutions. One of them is the General Police Directorate, from which hackers have obtained the data of around 50,000 members of the Corps. The ‘hackers’ or their clients now have in their possession the name, address and the rest of the information that appears on the DNI of these national police officers.
However, the main concern of the researchers is the Tax Agency. The cell of each taxpayer stores a very diverse and complete amount of information, such as income, properties, their declarations before the Public Treasury itself… Last March, Iberdrola reported a cyberattack that affected 1.3 million customers, but in that case, the stolen data was such as the DNI, the address, the telephone number and the email address,
As reported by the CGPJ, other organizations affected are the Public Employment Service or the National Institute of Social Security. When the attack was detected, the CGPJ reported the attack to the Cybersecurity Operations Center of the General Administration of the State and its Public Bodies (COCOS) and the National Cryptologic Center, dependent on the CNI.
The judge of the espionage to the telephones of the Government
This Thursday, the National Court reported that the head of the Investigating Court number 2, José Manuel Calama, opened investigation proceedings on October 20 for a crime against a high-ranking body of the nation and the disclosure of discovery and disclosure of secrets .
The investigating magistrate commissioned the investigation to the General Information Police Station and decreed the secrecy of the proceedings for a month. At the same time, the judge has required two separate reports from the National Cryptologic Center and the Tax Agency.
Sources from the National High Court report that Calama was the duty judge when the CGPJ decided to file the complaint. The head of Court number 2 also instructs the Government’s complaint for the theft of information from the cell phones of the president and two ministers of the Executive through spyware.
At this point in the investigation into the cyberattack on the CGPJ, there is no reliable clue as to its origin and intentions, or whether it is for a foreign government, for profit, or comes from activism. What is certain is that it was a targeted attack that focused on the Judicial Neutral Point, aware that it was the door to access various state agencies.