The National Institute for Research in Agricultural and Food Technology (INIA-CSIC) was the victim of a cyberattack on November 12 that left its more than 600 employees without access to computers, the Internet or data stored on the internal network. The situation affects scientific and administrative operations, complicating requests for essential equipment and care for research animals, as El País reports.
INIA, which is part of the CSIC, is a reference in agricultural, animal and environmental research, in addition to working with advanced techniques such as CRISPR gene editing. It also plays a key role in the conservation of endangered species. This cyberattack is the first in the history of the institute according to its management. However, workers at the center explained to the aforementioned media outlets that it has many outdated computers that do not support modern systems like Windows 11, increasing vulnerabilities.
To mitigate the effects, the CSIC has invited researchers to telework while essential processes are managed manually. The Cybersecurity Operations Center of the State General Administration is investigating the attack, but no details about its origin or scope have been released. The disconnection also affects key centers such as Animal Health, which manages dangerous pathogens, and other INIA departments.
The problem persists two weeks after the incident, with employees being poorly informed via internal emails. Despite the efforts of the institute’s IT team and an external company, the network remains inoperable. It is unclear whether the cyberattack compromised sensitive information. For now, neither the CSIC nor the Ministry of Science have offered any public explanation on the situation.
This incident is reminiscent of the ransomware attack suffered by the CSIC in 2022, when another cyberattack left its network inoperable for more than a month. On this occasion, INIA was not affected, but this time it was not as lucky.
