The City Council of Elche was the victim of a serious cyberattack this week, adding a new incident to the long list of Spanish councils affected in 2025. The attack has left municipal computer systems inoperative, forcing administrative management to be paralyzed and an emergency protocol activated. This case confirms the growing vulnerability of public bodies to ransomware and sophisticated criminal techniques that seek to impact operations and steal or encrypt critical data.

What has happened in the City Hall of Elche?

  • On Monday, August 25, the City Council of Elche reported the detection of a cyberattack that paralyzed all municipal computer systems and forced the suspension of administrative deadlines and digital procedures.
  • The emergency protocol was immediately activated, transferring citizen care to an exclusively face-to-face format.
  • The Crisis Committee and the ICT Security Center of the Valencian Community (CSIRT-CV), together with specialized companies and the National Police, mobilized from the outset to analyze and contain the incident.
  • According to municipal sources, normality is not expected until the affected systems are fully restored. Meanwhile, citizens affected by the lack of digital services will be called when operations return to normal.
  • The attack is reminiscent of recent similar incidents suffered in other local administrations such as Vila Joiosa, Melilla, Badajoz, Níjar or La Rinconada, some clearly associated with ransomware, which have paralyzed services and encrypted municipal data.

The rise of ransomware and attacks on councils in Spain

  • The public sector, and in particular city councils, have become a priority target for ransomware and cybercriminal groups in 2025, according to data from INCIBE and ESET.
  • The modus operandi is usually the deployment of malware that encrypts computer systems to demand a ransom in exchange for regaining access or preventing data breaches.
  • Throughout Spain, there have been notable incidents in Councils and City Councils of Valencia, Badajoz, Cáceres, Gipuzkoa, Murcia, Palma de Mallorca, Zaragoza, Vigo and others, associated with bands such as NoName057 (16), TwoNet or Hunters International.
  • In many cases, emergency measures apply: disconnecting servers, suspending electronic procedures and extending administrative deadlines.

Why are city councils such attractive targets for cybercriminals?

  • The accelerated digitalization of public services in recent years, together with the lack of resources and personnel specifically trained in cybersecurity, has multiplied the attack surface of local governments.
  • City councils manage highly sensitive citizen data, licenses, registrations, revenue and social services, making them a priority target for high-impact attacks and extortion.
  • Many councils have old IT infrastructures and lack investment in systems for detection, backup and recovery against ransomware.
  • Social and media pressure to restore service quickly may motivate some administrations to pay ransoms or to make short-term decisions that may compromise future security.

Keys to prevention and reaction: Apolo Cybersecurity recommendations

  • Keep systems and backups up to date, segmented and protected against ransomware.
  • Create and review clear response and communication protocols for cyber incidents.
  • Train public employees in phishing detection, social engineering and digital hygiene practices.
  • Perform regular simulations and risk assessments on the most critical accesses and vulnerabilities.
  • Strengthen collaboration with organizations such as CSIRT, INCIBE and the National Police for faster and more effective responses.

🛡️ Request your free consultancy with Apolo Cybersecurity and reinforce the protection of your administration

The cyberattack on Elche City Council highlights the urgency of strengthening the cybersecurity of public institutions in Spain in the face of the acceleration of threats such as ransomware. Only with anticipation, training and advanced technology can the continuity of services, citizen data and trust in administrations be preserved.

Do you manage public systems and do you want to know if your city council is prepared for a cyberattack?

Prev Post
Next Post

Any questions?
We're happy to help!

CONTACT US TODAY!
info@apolocybersecurity.com
Data Controller: Apolo Analytics SL
Purpose: To process your request and respond to your message.
Legal Basis: Consent of the interested party upon submitting the form.
Recipients: Data will not be transferred to third parties, except under legal obligation.
Rights: You may exercise your rights of access, rectification, and deletion, among others, by sending an email to secretaria@apolocybersecurity.Com.
Additionall information: You can view the full information on our Privacy Policy.

Thank you!

Your message has been successfully received.
Oops! Something went wrong when submitting the form.
We are waiting for you!
Schedule a call
Project photo
send us an email
Project photo
+34 937948378
Project photo
Carrer de Sant Joan de la Salle 42, Barcelona, spain
Project photo
FAQScontactTERMS AND CONDITIONSWork with Us
Accelerated by:
Certifications:
Light Eyes is part of Apolo Cybersecurity
LEGAL NOTICEPRIVACY POLICYCookies
Copyright © 2025 Apollo Cybersecurity