The effects of the hacking suffered by the Seville City Council at the hands of the Dutch group Lockbit have lasted for six days, a computer attack that affects the most common operations of citizens such as requesting appointments or paying local taxes, coinciding also with the second term for the payment of the tax on immovable property.
On Tuesday, September 5, the hare jumped from the cyber attack and, since then, although all the technical machinery has been put into operation, it has not been possible to solve this problem that directly affects the everyday life of citizens, who cannot carry out their procedures normally at the beginning of the academic year and without a date for the re-establishment of electronic services.
If there's one organization that exemplifies the professionalization of cybercrime in recent years, it's LockBit. This multinational of computer attacks keeps the Sevillian systems of the Seville City Council hijacked, which had to turn off its 4,000 computers. It's all back to pen and paper.
The Consistory has reported that it has received several rescue requests. An initial one of five million dollars and a second one of one million. In all their statements, both the municipal delegates and the mayor have stated these days that Sevilla will not pay LockBit or accept "blackmail from criminals".
Like when the light goes out in a house, you realize much more how many things work with electricity, with a computer attack the people of Seville are realizing the large amount of administrative procedures that depend on the City Council's network. "I couldn't make the immediate payment of a fine", explains a citizen to La Vanguardia, who now doesn't know if he will be able to benefit from the 50% discount that comes with making the early payment, also worried about whether your bureaucracy will multiply later on having to justify your attempts to complete the procedure in the established time. All the management has been altered by the fall of the web, from registrations, payment of fees, previous appointments... A bureaucratic chaos in the midst of the digitization era, when a large number of procedures must be carried out digitally.
And even if you try to do it in person, Sevillians cannot request an appointment, the automatic answer from the Council's phone is that "at the moment we cannot attend to you due to an incident in our system, we are working to resolve it as soon as possible, apologize for the inconvenience caused."
Emergency services, such as the local police and fire brigade, have also been forced to make notes on paper to register and order the actions. The only services that already operate normally are public companies such as Tussam (buses), Emvisesa (housing) and Lipasam (cleaning).
The mayor of the Seville capital, the popular José Luis Sanz, assured after being aware of the attack that "they have not stolen data" from the citizens, but they have encrypted it. However, due to the modus operandi of this group of cybercriminals, the biggest concern was that it was a trap and that days later they could actually steal personal information, which, at the moment, there is no evidence of that having happened.
However, cyber security experts disagree with this statement. Luis Corrons, security evangelist of Avast, an expert company in computer security, assures that the hackers had access to this data because, otherwise, "it would not have been possible for the aforementioned information to have been encrypted". "These kinds of attacks have a job behind them, and in fact one of the latest trends is for cybercriminals to take a copy of the information before proceeding with its encryption", explains Corrons.
Lockbit is part of one of the most active cybercrime networks in Europe. It is characterized by launching selective attacks against companies and other organizations around the world through this ransomware (formerly known as ABCD). It is a type of malicious software that blocks a company's information, encrypts the information and demands a ransom in exchange for releasing it.
The way to enter the system is usually through an e-mail with a link, and if the user of this e-mail enters, he runs the software, which runs like wildfire among the rest networked computers. The ultimate goal is to encrypt the information, that is, to leave the computers unusable, so that if the City Council wants to recover the content and get back to work, it has to pay a ransom.
