Last Sunday, The City Council of Elche suffered the biggest cyberattack in its history. According to INTERPOL and the National Police, the attackers disabled the municipal network and demanded €1 million in exchange for returning the stolen data. 

The collapse affected the entire digital infrastructure, including the municipal electronic headquarters, suspending administrative deadlines for open cases. A week later, Elche City Council is back to normal.

The work of several institutions, such as the Valencian Community ICT Security Center (CSIRT-CV), was fundamental in overcoming this crisis.

According to data from Inetum, Spain is among the top five countries most affected by ransomware attacks, which consist of stealing data in exchange for a large sum of money. 

In 2025, these attacks doubled compared to 2024, demonstrating the consolidation of ransomware as one of the main threats in the current cybersecurity landscape. 

What measures can institutions implement to prevent these cyberattacks?

• Creation of a temporary secure network: this allows services to be resumed quickly and efficiently.
• Thorough review of computer equipment: all devices are evaluated to ensure they are virus-free.
• Coordination with specialized agencies: collaboration with cybersecurity experts is crucial to overcoming this crisis.

Collaboration between state and local agencies is crucial. Local governments are not alone in the fight against cyberattacks. Agencies such as CSIRT-CV enabled the review of the most critical areas, such as the Treasury and Public Services, to be quickly reactivated. 

How can future incidents be prevented?

The experience of this attack provides lessons in preventive measures:

• Supervision of all operations: Every action taken by municipal staff is reviewed by cybersecurity experts.
• Coordination meetings: Hold regular meetings to ensure that all departments are aligned in protecting the systems.
• Improve identity and access management: Two-factor authentication for users and password changes help protect the systems.

How can greater awareness be promoted among employees? 

According to a report by cybersecurity company So Safe, there are three pillars for promoting employee integration with these measures: 

• Customization of awareness programs: Educating employees on the importance of cybersecurity will help them understand their fundamental role in collaborating against cyberattacks. 
• Personalized training: Creating additional training for employees will promote practices that will make access to government agencies impenetrable. 
• Awareness measures through communication applications: Disseminating information about these cyberattacks raises awareness of the challenges of the future and how protecting institutions involves us all as citizens.