Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Tracking & Law Enforcement

Spain to Tighten Control Over Secret Services After Spying Scandal

Spain’s prime minister vowed Thursday to tighten oversight of the country’s secret services in the wake of a scandal over the hacking of top politicians’ mobile phones that has roiled his fragile coalition government.

Spain’s prime minister vowed Thursday to tighten oversight of the country’s secret services in the wake of a scandal over the hacking of top politicians’ mobile phones that has roiled his fragile coalition government.

The affair broke in April when Canadian cybersecurity watchdog Citizen Lab said the telephones of more than 60 people linked to the Catalan separatist movement had been tapped using Pegasus spyware after a failed independence bid in 2017. 

The scandal sparked a crisis between Prime Minister Pedro Sanchez’s minority government and Catalan separatist party ERC which blamed Madrid for the phone hacking.

His fragile coalition relies on the ERC to pass legislation in parliament and remain in power until the next general election due at the end of 2023.

The scandal deepened after the government announced that the phones of Sanchez and the defense and interior ministers were hacked by the same spyware, made by Israel’s NSO Group, by an “external actor” last year.

The revelation raised questions over who was to blame and whether Spain had adequate security protocols.

Sanchez said Thursday his government would “strengthen judicial control” of Spain’s secret services and update procedures to “prevent these security breaches from happening again”.

Advertisement. Scroll to continue reading.

‘Unknown actors’

He also said the government will adopt a new law governing “classified information”, which will replace the existing legislation adopted in 1968 during the dictatorship of Francisco Franco.

“We must urgently adopt regulations to democratic, constitutional principles,” Sanchez told parliament.

Sanchez acknowledged that the mobile phones of 18 Catalan separatist leaders had been hacked by the CNI intelligence agency, but this had been authorized by the courts as required by law.

The “vast majority” of mobile phones that Citizen Lab said were spied on were hacked by “unknown actors, detached from the Spanish administration”, he added. “That is the reality.”

As for the hacking of the phones of Sanchez and his ministers, Spanish media have pointed the finger at Morocco, which was in a diplomatic spat with Spain at the time.

The government has said it was no evidence of who may be responsible.

Earlier this month the government sacked the head of the CNI, Paz Esteban, over the hacking scandal. She was the first woman to lead the agency.

But Catalan separatists said at the time that this measure was not enough and demanded further explanations about the hacking.

‘Cannot clear your government’

Gabriel Rufian, ERC’s bench leader in parliament, said Thursday that Sanchez was ultimately responsible for the spying on the Catalans.

“Why do you come here to promise reinforced judicial control of the CNI when the person controlling the CNI is the head of government, therefore you?” he said.

“You cannot clear your government of everything that happened,” he added.

Sanchez also said it was necessary to “increase the capacities of the Spanish intelligence services”, especially “in the face of attacks by hostile intelligence services”.

There have been a number of scandals in Spain over illegal wiretapping by the intelligence services since the country returned to democracy following the death of long-time dictator Franco in 1975.

In 1995 Deputy Prime Minister Narcis Serra, Defence Minister Julian Garcia Vargas and the head of the intelligence service at the time, Emilio Alonso Manglano, resigned following revelations that they had illegally monitored the conversations of hundreds of people.

More recently, an ex-mistress of Spain’s former king, Juan Carlos I, claimed she was put under unlawful surveillance carried out by the intelligence service.

She said former intelligence agency chief Felix Sanz Roldan threatened her with physical harm unless she remained quiet. Sanz Roldan has denied the accusations in court.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Cybercrime

Spanish Court agreed to extradite Joseph James O’Connor to he U.S., who allegedly took part in the July 2020 hacking of Twitter accounts of...

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Cybercrime

A hacker who reportedly posed as the CEO of a financial institution claims to have obtained access to the more than 80,000-member database of...

Application Security

Virtualization technology giant Citrix on Tuesday scrambled out an emergency patch to cover a zero-day flaw in its networking product line and warned that...