Overview of Spain’s 2021 Cybercrime Landscape
Spain reported over 305,000 computer-related offenses in 2021, marking a 6.1% increase from the prior year, according to the Criminal Statistics System (SEC). This finding is part of the latest release from the General Directorate of Coordination and Research, under the Ministry of the Interior, and supported by the Secretary of State for Security.
The organization published the IX Report on Cybercrime in Spain last year. It compiles data from the State Security Forces and Bodies and incorporates results from agencies such as the SEC and the Office of Cyber Security Coordination (OCC). The analysis also factors in surveys conducted by organizations like the National Institute of Statistics (INE) to compare 2021 against earlier years and to gauge the overall trajectory of cybercrime in Spain. The report aligns with European data standards and notes the role of EUROSTAT analytics in shaping the regional picture.
Key findings indicate that cyber threats remain a priority for public institutions, while also highlighting the need for society to stay informed about ongoing information technology usage worldwide.
INE figures for 2021 show higher levels of digital access and internet connectivity compared with 2020, with Spain recording a higher share of homes online than the EU average. The report emphasizes that rising internet use correlates with increased cybercrime activity.
SEC data confirm a rise in computer crime from 2017 through 2021. In 2021, a total of 305,477 incidents were documented, a 6.1% rise from the previous year. About 87.4% of these were categorized as computer fraud, while 5.7% involved threats and coercion by cybercriminals. These figures reflect known offenses rather than the full scope of cases that are later clarified or resolved through arrests or ongoing investigations.
While 305,477 incidents are recorded, only 46,141 cases were fully clarified, with 13,801 resulting in arrests and further investigation of offenders. Geographically, the Community of Madrid, Catalonia, Andalusia, and Valencia show the highest concentrations of cybercrime, with Madrid, Barcelona, Seville, Valencia, Alicante, Malaga, and Vizcaya leading provincial tallies.
Victim Profiles and Trends
Criminal activity in Spain employs a range of techniques, with the most prevalent offenses including threats, disclosure of secrets, and targeted computer intrusions. The SEC data indicate that the majority of cybercrime victims are male (about 51.9%) and aged 26–40, who are most often drawn into hacking, threats, and coercion schemes. Women, on the other hand, are more represented in cases involving marital status usurpation, crimes against honor, or sexual exploitation of minors, according to the report.
Regarding victim nationality, Spanish residents account for roughly 87.5% of cases, while foreigners represent about 12.5%, with the largest groups coming from Morocco, Romania, and Colombia. For those arrested or investigated for cybercrime, about 79.3% are of Hispanic origin, with the remaining 20.7% from other regions, including Europe, the Americas, Africa, and Asia.
The age distribution among arrestees or investigated individuals in 2021 shows the highest numbers in the 46–40 range, followed by 18–25 and 41–50 cohorts.
EU Context and Policy Developments
The IX Report also revisits EU-level policy actions dating back to 2017, when a framework for a common diplomatic response to malicious cyber activity began to take shape. Although the formal framework was set in 2019, member states have since advanced resilience measures and security initiatives, including the development of a European digital identity.
Across member states, ransomware remains a common tool for attackers, according to data compiled by the European Union Agency for Cybersecurity (ENISA) and summarized in the report. The documented trend shows that the average ransomware payment demands have risen. Malware incidents declined by 43 percent, while cryptocurrency mining attacks remain prevalent in some cybercrime ecosystems. Phishing, especially in the context of ongoing COVID-19 concerns, continues to be a dominant threat vector via email.
In the domain of data security breaches, the report notes an uptick in attacks targeting healthcare. The pandemic is highlighted as a contributor to disinformation campaigns and a broader focus for cyber attackers.
These patterns underscore the importance of robust cybersecurity measures for individuals, organizations, and public institutions across Spain and the broader European Union. The ongoing evolution of threats calls for accessible awareness, improved defensive practices, and coordinated policy responses to reduce risk and increase resilience.