Crossword’s Trillion protects Spanish Public Administration

Crossword Cybersecurity, the cybersecurity solutions company focused on cyber strategy and risk, has announced the completion of a project to expand the scope of its services with CCN-CERT, the Information Security Incident Response Team (CERT) of the National Cryptologic Centre in Spain (CCN), which is accountable to the Spanish National Intelligence Centre.

CCN-CERT has expanded its use of Crossword’s cloud-based breached account mining platform, Trillion, to protect its entire public administration, including its education sector. Trillion is Crossword’s breached account mining platform, which continuously tracks, correlates and analyses billions of stolen usernames and passwords.

Back in 2020, during the height of the Covid-19 outbreak, CCN-CERT needed to act immediately to further enhance the security position of its national health infrastructure. The head of the cybersecurity department at CCN contacted the Trillion operations team after its global offer of support to help protect digital identities within health services. In a matter of hours, the team at CCN was given access to Trillion, every health organisation across Spain was configured in the platform and breached credentials data was being fed back into the CERT.

Protecting a whole public administration

After a period of successful operation across the health sector, CCN-CERT decided that a wider scope for Trillion would provide even greater visibility of digital identities, such as account usernames and passwords, that may have been leaked from third parties and shared for exploitation by criminals.

Crossword collaborated with the CERT to implement new features which would enable it to extend the use of Trillion to local Government departments and organisations, while still maintaining a central, national view within the CERT. At this scale, it was critical that Trillion was able to deliver the data both locally and nationally when it mattered.

Trillion, with the new features, was rolled out over the following weeks. CCN-CERT invited hundreds of local authorities, municipalities, town halls and central government departments to come on board using simple automated signups, which took a matter of minutes to complete.

Trillion is now monitoring hundreds of organisations, thousands of domains and reporting leaked data on hundreds of thousands of public workers across Spain.

Jon Inns, Product Director for Arc and Trillion, comments: “Protecting large, distributed organisations, such as the public sector, where many individual entities exist is one of the more challenging aspects of cyber security at scale. Working with CCN-CERT, we have used Trillion to create a strong layer of multi-tenanted visibility to help defend against credential misuse, while ensuring that it’s easy for organisations to participate and benefit, from universities to hospitals. Trillion gives a central view of threats and lowers the risk of public services being exploited through credentials based attacks.

“Crossword considers CCN-CERT a true business partner, and we learn as much from their feedback on our products as they do from our data. By listening closely to clients’ needs we are continuously enhancing Trillion to support the cybersecurity needs of organisations operating at the top of their game.”