Spanish police arrested two suspects in a cyberattack against the Radioactivity Alert Network of the General Directorate of Civil Protection and Emergencies (DGPGE), which took down more than a third of the sensors needed to detect nuclear incidents.
Between March and June 2021, the alert network for radioactivity (RAR) was the target of a large volume of cyberattacks later classified as sabotage. The government agency explained that the RAR system is a mesh of gamma radiation detection sensors deployed in specific points of the Spanish geography that allows them to detect changes in radiation levels quickly. Each sensor links to a control center via a phone.
The perpetrators didn’t stop at just taking down the sensors in cyberattacks (approximatively 300 out of 800 were down at some point), but they also went into the central infrastructure where they tried to delete the web application controlling the system.
“On the one hand, there was an illegitimate intrusion into the computer system itself, the purpose of which was to delete the RAR management web application in the control center,” saidDGPGE in a press release.
“On the other hand, and for two months, the authors attacked more than 300 sensors among the 800 existing ones, causing the failure of their connection with the control center and thus reducing the detection capacity of the network,” they added.
Their motives remain unclear, and the authorities only said that the suspects used to be employees for a third-party company that did maintenance on the system, which gave them the knowledge to attack the infrastructure.