Cyberattacks with political and military purposes revealed at RootedCON.

The XIV edition of RootedCON, the largest and most prominent cybersecurity and technology event on the national scene and one of the most relevant at the European level, showcased a range of cybersecurity research and innovations.

Borja Adsuara, a lawyer and expert in digital law, warned about the increasing control over citizens that comes with the growing use of Big Data and Artificial Intelligence technologies. Following the approval of the EU Artificial Intelligence Regulation, there is no specification of who will be responsible for monitoring the authorities and public bodies that use AI. In his talk he therefore raised the question of who watches those who watch us.

In Spain, the approval of the Organic Law on Data Protection and Digital Rights Guarantee set a dangerous precedent in this respect. The law established the possibility of not imposing administrative fines on public authorities or bodies for the improper use of AI. Adsuara therefore urges special attention to how the RIA (the EU Artificial Intelligence Regulation) is applied in Spain, in order to design an effective system of oversight, guarantees, and sanctions for the uses of AI by public authorities.

Also on the subject of public bodies, Tomás Isasia, in “METIS: The Titanide (Abusing the trust of public documents)”, addressed the issue of verifying the authenticity of official documents in digital environments.

He highlighted how the failure to properly adapt traditional procedures has allowed altered documents to be submitted, either with no subsequent way of verifying their authenticity or with validation relying on digital signatures alone. He also pointed out that the verification systems themselves have difficulty detecting altered documents, which makes deception by attackers easier.

Miguel Ángel de Castro and Tomás Gómez, for their part, analyzed the different adversities that the Government of La Rioja had to overcome. They explained firsthand what the point of entry had been for the different attackers, analyzed the measures used to contain and eradicate each threat, and indicated who was behind each attack. The session ended by emphasizing the importance of response capacity in times of crisis.

Likewise, the presentation “Dr. Jekyll and Mr. Hyde – The 2 faces of an incident”, by Marc Rivero and Sandra Bardón, delved into a detailed analysis of the MuddyWater APT group, known for its cyberattacks since 2017 in Iraq, Saudi Arabia, and other regions, extending to Europe and the United States, among others, with a recent increase in countries like Jordan, Turkey, and Russia.

The speakers highlighted the group's geopolitical motivation, its use of advanced techniques for malware obfuscation, and the advanced methods it has developed to evade security detection. They emphasized that understanding these methods is essential for effective defense, and that a combined approach is needed to comprehend the group's TTPs (Tactics, Techniques, and Procedures).

Another analysis was presented by Andrés Soriano and Javier Rodríguez in “Cyberwar: Cyberattacks on critical infrastructures in the Middle East conflict,” which covered the dynamic conflict in the Middle East, with a particular focus on the tension between Israel and Iran.

They focused on how both sides employ advanced intelligence and cyber intelligence strategies to infiltrate and manipulate individuals with access to sensitive information. In fact, Iran has managed to extract data on critical Israeli infrastructures, even recruiting a former Minister of Energy and Infrastructure of Israel as an undercover agent.

These incidents highlight the growing vulnerability to cyberattacks and the need for consolidated national cybersecurity, as well as the importance of an objective assessment of evidence in a complex geopolitical scenario, especially against Iran’s sophisticated tactics, such as false flag attacks through hacktivist groups.

Gabriel González led an investigation into the feasibility of hacking a high-security commercial drone, specifically a model from the popular brand DJI. Despite the advanced security mechanisms of these drones, the study explored various techniques to overcome these barriers, including one based on electromagnetic pulses to manipulate the chip's functions and gain control of the drone.

In conclusion, the research presented reveals the urgent need to consolidate cybersecurity in public and military institutions. The event has been a significant opportunity to analyze and debate effective strategies for facing these new, increasingly complex challenges of the current digital era.
