Spain cyber security and cyber crime statistics

Cyber crime is increasing worldwide, and as society becomes increasingly digitally connected, cyber security concerns continue to grow. Individuals and businesses in Spain are no strangers to cyber attacks. Most organizations have dealt with some sort of cyber crime and the country itself is the source of many attacks.

Here, we shine a spotlight on Spain and look at the latest facts, statistics, and trends surrounding cyber crime and cyber security in the country.

1. 91.8% of Spanish organizations were compromised in one or more successful attacks in the past year

The CyberEdge Group 2022 Cyberthreat Defense Report (CDR) provides insight from security professionals across the globe. It found that over a 12-month period, over nine in 10 Spanish companies had experienced a successful cyber attack. Out of all organizations surveyed across the globe, 40.7 percent reported being “frequent victims,” dealing with six or more successful attacks within a year.

2. 62% of Spanish organizations were impacted by ransomware in 2020

The 2021 CDR report found that most countries saw a significant impact as a result of ransomware in 2020. In Spain, well over half of all organizations (62 percent) were affected by such an attack, more than the likes of Italy (60 percent) and Japan (56 percent). While Spain’s figure seems high, there were a number of studied countries that were worse affected. This includes Australia (79.6 percent), the USA (78.5 percent), and Saudi Arabia (77.6 percent).

3. Spanish organizations allocate 11.9% of their IT budget to security

According to the CDR, Spanish organizations spend just under 12 percent of their IT budget on security. This is slightly higher than in several countries including Italy (11.6) and Singapore (11.4), but lower than others. Brazil tops the list at 15.6 percent followed by Turkey at 15.3 percent. The 2022 mean across all countries studied was 12.7 percent, exactly the same as in 2021.

4. Over a third of Spanish organizations have a preference for security products that use cloud delivery

It seems that Spanish organizations are keeping up with technology. The CDR tells us that 38.5 percent say that when it comes to selecting security products, they have a strong or moderate preference for those that use cloud delivery systems. While more than China (30.9 percent) and Germany (31.3 percent), it was still some way behind Brazil’s 50.3 percent.

5. Spain was one of the top 3 countries attacked by mobile banking malware

Kaspersky’s report on mobile malware breaks down which countries were worst hit by mobile bankers in 2021. The study found that 1.55 percent of Spanish users were attacked by mobile banking trojans. This was significantly lower than the rate in Japan which took the top spot with 2.18 percent, more than twice that of Turkey, with 0.71 percent.

6. Over 40% of Spanish organizations were hit by ransomware in 2021

The Sophos State of Ransomware Report 2021 reveals how many organizations in each country were hit by ransomware. At 44 percent, Spain was above the global average of 37 percent. This, according to the report, was far higher than Poland (just 13 percent) and Japan (15 percent). However, it was still far less than India (68 percent) and Austria (57 percent).

Sophos 2021 Ransomware attack levels by country
Source: Sophos

7. Data encryption was prevented in around a quarter of all attacks

The Sophos State of Ransomware Report 2022 notes how often organizations were able to stop attacks before data encryption took place. Spanish companies fared well, stopping 26 percent of attacks in their tracks. However, other countries did far better, with Saudi Arabia stopping 62 percent of all encryption attempts.

8. Only 16% of victims paid the ransom

Although the remaining 84 percent of attacks did involve data encryption, the ransom was paid by only 16 percent of victims. This was lower than many other countries studied. Preparedness was likely a major factor here as Sophos found that on average, 73 percent of companies were able to restore data from backups.

9. Ransomware attacks cost Spanish companies an average of $750,000

Sophos tells us that the ransomware remediation cost increased by 25 percent from 2020 to 2021. Spanish companies spent an average of $600,000 to remediate a ransomware attack in 2020, and this rose to $750,000 in 2021. While this sounds high, it was significantly less than the $1.85 million USD global average. Austrian organizations had the highest remediation bill at an average of over $7.75 million, followed by Belgium at $4.75 million and Singapore at $3.46 million.

10. 83% of Spanish companies have cyber security insurance

One more interesting point covered by Sophos is the popularity of cyber security insurance. More than eight in 10 companies in Spain have a cyber insurance policy and 70 percent of organizations have ransomware covered under their insurance.

11. Only 28% of Spaniards know what ransomware is

Proofpoint’s 2021 State of the Phish Report asked users in various countries about the definitions of terms such as phishing, ransomware, and malware. Only around one in five respondents knew what ransomware was. The country did fare better with some other terms including phishing (63 percent) and malware (75 percent).

12. A 2021 ransomware attack affected 700 SEPE offices across Spain

The SEPE (the Spanish government labor agency) was the subject of a large ransomware attack in March 2021. Systems were impacted in more than 700 offices across the country, forcing workers to temporarily halt the digital processing of applications and instead work manually. The popular Ryuk ransomware was reportedly involved in the attack.

13. Spain was responsible for 3% of 2021 spam

A Kaspersky report on spam and phishing in 2021 found that a relatively small portion of spam originates in Spain. The country is the source of 3 percent of spam, whereas the top source, Russia, is responsible for 24.77 percent.

sources of spam

14. Spain was a core target for malicious email campaigns in 2021

Another notable statistic from the Kaspersky report was the fact that Spain was the top target for malicious email campaigns in 2021, receiving a share of 9.32 percent. In second place was Russia with 6.33 percent and in third was Italy with 5.78 percent.

15. Spain scored 59th out of 75 countries for cyber security

A Comparitech study gave each of 75 countries a score based on a variety of factors including the rate at which users experience various types of malware and phishing attacks. In terms of overall cyber security, Spain ranks fairly low compared to other countries with a score of 23.34. The range was 3.56–35.54 (lower is better). Denmark, Sweden, and Ireland topped the list, while Tajikistan, Bangladesh, and China made up the bottom three.

16. Spain is in the top five countries affected by stalkerware

A 2021 Kaspersky report on stalkerware found that Spain was one of the top six countries impacted by this type of malware. 321 users in the country dealt with stalkerware in 2021, tying with Poland for fifth place. In Germany, the number was much higher at 1,012, with Italy (611), the UK (430), France (410) making up the remainder of the top five. That said, European numbers are significantly lower than in the worst-hit countries which include Russia (7,541 impacted users), Brazil (4,807), and the US (2,319).

stalkerware impact europe

17. Most attacks disguised as popular TV shows came from Spain

A 2020 Kaspersky study looked at how cyber criminals use popular TV shows to spread malware through streaming platforms. The top shows used as lures were The Mandalorian, Stranger Things, The Witcher, Sex Education, and Orange Is the New Black. Over half (51 percent) of the attacks disguised as these five shows originated in Spain.

18. Cyber crime in Spain rose by 300% during the pandemic

A cyber security expert from the International University of La Rioja (UNIR) Juan José Nombela estimates that cyber crime has increased up to 300 percent during the pandemic. The surge is attributed to increased use of digital banking and online shopping, among other shifts.

19. 43% of the population don’t have basic digital skills

According to the Spanish government’s Nation Digital Skills Plan, 43 percent of Spaniards lack basic digital skills. As such, training and education is a key component in the country’s cyber security strategy.

20. Spain is a hotspot for the sale of fake COVID-19 vaccines and certificates

Since the development of various COVID-19 vaccines, many counterfeit versions have popped up on darknet marketplaces. In addition, fraudsters are peddling “vaccine passports,” fake documentation that claims the holder has received a vaccination. Spain was named among the hotspots for this activity, alongside the US, Germany, France, and Russia.

A fake vaccine advertisement.
Source: Check Point

21. An illegal streaming service had over 2 million subscribers

In June 2020, police arrested a total of 11 individuals, four of whom were located in Spain. The arrests were made in relation to the illegal distribution of audio-visual content in Europe, the Middle East, and Asia. The network was broadcasting more than 40,000 channels, TV shows, and movies illegally to an estimated two million subscribers. Other arrests were made in Germany, Sweden, and Denmark.

22. 86% don’t know how to report cyber crime

A February 2021 study examined how many Europeans know how to report cyber crime. The numbers were quite alarming with 77 percent on average reporting that they didn’t know how to report illegal online behavior. The numbers in Spain were even worse than the European average with 86 percent saying they lacked knowledge on this topic.

23. 23 Spanish suspects were arrested for stealing €12 million from US banks

In February 2021, a Europol operation led by the Spanish National Police saw the arrest of 105 people involved in a massive fraud and money laundering scheme. The sting was the result of an investigation into a crime ring that managed to steal more than €12 million from over 50 US banks. The criminal organization involved was mainly formed of Greek nationals, but most of the retailers who assisted with fraudulent transactions were based in Spain.

Europol infographic.
Source: Europol

24. Over 350 GDPR-related fines have been issued in Spain

Since the GDPR was first instituted in 2018, there have been a total of 1,100 fines issued (that have been made public). Well over one-third of these (406) were issued in Spain.

25. The total value of GDPR fines issued in Spain is almost €15 million

In its Data Breach Report 2021, DLA Piper tracked GDPR fine amounts since May 2018. It found that Spanish companies have paid a total of €14,490,094. While this is a large chunk of money, it is significantly lower than the total amount paid by companies in Italy (€69 million), Germany (€69 million), France (€54 million), and the UK (€44 million).

Data breach fines graph.
Source: DLA Piper

26. Vodafone Spain was fined €8.15 million for repeat GDPR breaches

The largest GDPR fine issued in Spain to date was that handed to Vodafone. The company repeatedly breached the GDPR and was ordered to pay many smaller fines before being issued with several larger fines amounting to €8.15 million. The company was accused of various violations including conducting data transfers without proper safeguards in place and contacting customers without consent.

27. Organizations spend 22% of their IT budget on cyber security

The Hiscox Cyber Readiness Report 2021 examines how prepared organizations are for cyber attacks. It found that organizations in Spain spend 22 percent of their IT budget on security. This is fairly comparable with most other countries studied (the range is 20–23 percent) and represents a large increase over 2019 when the figure was 15 percent. However, this report contradicts the CDR mentioned above, which states the figure is closer to 12 percent.

IT security spend.
Source: Hiscox

28. 58% of Spanish firms are ranked as novices when it comes to cyber security

The Hiscox report ranks organizations as novices and experts. 58 percent were ranked as novices and only nine percent as experts. In comparison, in the US, 25 percent are experts and 27 percent are considered novices.

29. 26% of companies have standalone cyber insurance

We mentioned cyber insurance above and that Sophos found that 83 percent of Spanish companies have cyber insurance. Hiscox broke that down to discover who had standalone cyber insurance and found that more than one-quarter of companies carry this type of insurance.

30. Catalonia is the most attacked region in Spain

Data compiled in 2022 reveals that Catalonia is the region of Spain that is most highly victimized by cybercrime. However, Madrid, the country’s capital, comes in a close second. According to a study by VMware, 75% of Spanish cybersecurity professionals say the volume of attacks is increasing and, according to 83% of those professionals, the attacks are growing more sophisticated.

31. 61% of Spanish cybersecurity professionals attribute increasing cyberattacks to remote working

According to VMware Spain Security Insights Report 2021, 61% of security professionals believe an increase in attacks is partially due to more people working from home during the pandemic. This is a reminder of the dangers caused by employees working on official business tasks on personal devices that may be more easily targeted by phishing and malware.

32. Catalonia is spearheading investigations into state use of spyware

In April of 2022, the Vice President of Catalonia called for an investigation into the use of hacking tools by government officials and agencies. The calls were made after it was revealed that the Spanish government (and many others) solicited commercial spyware and hacking tools from Israeli firms NSO Group and Candiro. A study by Citizen Lab revealed that over 60 Catalonian citizens were hacked between 2017 and 2020 for supporting Catalonia’s independence .

This is a reminder of how hacking tools used by criminals may also sometimes be used illegally by governments around the world in order to engage in overreaching levels of surveillance.

See also: