Ayuntamiento de San Bartolomé de Tirajana

The Ayuntamiento de San Bartolomé de Tirajana is the municipal city council responsible for the local governance of the municipality of San Bartolomé de Tirajana, located in the Canary Islands, Spain. As a foundational public administration body, its core function is to provide essential services and manage civic affairs for the residents and businesses within its territorial jurisdiction. This encompasses a wide range of responsibilities typical of Spanish ayuntamientos, including urban planning and zoning, maintenance of public infrastructure such as roads and lighting, waste management, local cultural and sports programming, social services, and the regulation of local economic activity. The council operates as the primary point of contact between the community and the public administration, handling citizen inquiries, permits, and enforcing municipal bylaws. Its scope is inherently local, focused on the specific needs and development of the San Bartolomé de Tirajana area, making it a critical institution for daily community life and regional compliance with national and European Union statutes. The council's authority is derived from Spanish municipal law, positioning it as an autonomous entity within the broader framework of the state's decentralized governance structure.

The operational scale and digital footprint of the council were significantly highlighted by a major ransomware incident in March 2022. This cyberattack encrypted approximately 265,000 files, representing about 18 percent of the total data across its municipal servers, and disrupted multiple critical systems. The intrusion's detection via employee access issues prompted an immediate technical response, including the isolation of compromised servers to halt the encryption process. The subsequent investigation, conducted in collaboration with Spain's National Police cybercrime units and an external cybersecurity firm, traced the attack's origin to an IP address in Bosnia-Herzegovina, though the precise initial entry vector remained undetermined. The council's response involved a systematic recovery process: uninfected servers were cleaned, updated, and restored for essential operations, while infected systems remained offline pending thorough eradication of the threat and monitoring for residual risks. This event underscores the council's management of substantial volumes of sensitive citizen and administrative data, its adherence to national protocols for cyber incident response involving law enforcement, and its reliance on specialized external expertise to navigate a severe breach of its IT infrastructure. The incident serves as a documented case of the cybersecurity challenges faced by local government bodies and their operational resilience in the face of such threats.