The Spanish police have arrested two hackers believed to be responsible for cyberattacks on the country’s radioactivity alert network (RAR), that took place between March and June 2021.
The RAR system is a mesh of gamma radiation detection sensors, deployed across the country in order to detect anomalous radiation levels and take protective measures to prevent damage to the environment and the population.
The sensors are connected by telephone to the control center at the General Directorate of Civil Protection and Emergencies (DGPCE) headquarters that gathers the measures and transmits the necessary orders to the sensors.
The two arrested individuals are former workers of a company contracted by the DGPCE to maintain the RAR system. So they had a deep knowledge of its operation and how to deliver an effective cyberattack.
The two individuals gained illegitimate access to DGPCE’s network and attempted to delete the RAR management web application in the control center.
They also launched individual attacks against sensors, taking down 300 out of 800 spread across Spain, essentially breaking their link to the control center and disrupting the data exchange.
When the authorities discovered the breach in June 2021, the cyberattack against RAR stopped. They immediately initiated an investigation with the help of the cybercrime unit of the National Police.
The police managed to locate the individuals responsible for the cyberattack after a year of following their traces.
Spain operates seven nuclear reactors in six power plants in Cáceres, Tarragona, Valencia, Guadalajara, Salamanca, and Córdoba, covering around 20% of its national power needs with the program.
As no further details have been provided in the police’s announcement, the reason behind the sabotage is still not clear.
Image Credits : Wired