831 proven intrusions were brought to the attention of the French cybersecurity policeman in 2022, compared to 1082 in 2021. © Getty — Bill Hinton/Moment Mobile ED
There were fewer cybercriminal threats in 2022 than in 2021. This is what emerges from the Panorama of the 2022 cyberthreat unveiled by the National Agency for the Security of Information Systems (Anssi). Thus, 831 proven intrusions were brought to the attention of the French cybersecurity policeman last year, compared to 1082 in 2021.
However, this does not mean that the threat has become lower in intensity. It is changing, as individuals and professionals protect themselves better and better and are less inclined to pay the ransom when they are victims of attacks by ransomware. “While a drop in ransomware-related activity has indeed been observed by Anssi on regulated public and private operators, with the exception of hospitals, it does not illustrate the general evolution of this cyber threat which is continuing. at a high level by shifting to less well-protected entities”observes the agency.
VSEs, SMEs and ETIs targeted by ransomware attacks
Fewer in the first half of the year, ransomware attacks have multiplied since the summer of 2022, and this resurgence of cybercriminal activity has not faded since. “This cybercriminal threat particularly affects VSEs, SMEs and ETIs (40% of ransomware processed or reported to Anssi in 2022), local authorities (23%) and public health establishments (10%). More stealthy than Previously, cryptomining, which allows the generation of significant funds, reinvested by malicious actors to acquire new capacities, should not be neglected either”estimates the Anssi.
To put their targets in trouble, attackers are not only looking for stealthy methods, but also discreet angles of attack. Thus, criminals attempt to compromise peripheral equipment, such as firewalls or routers. And for good reason, as the latter are permanently connected, they offer an ideal gateway to cybercriminals. “Uncontrolled digital uses and weaknesses in data security continue to offer too many opportunities to attackers. The use of the cloud and the outsourcing of services to digital service companies, when they are not accompanied no suitable cybersecurity clauses, represent a serious threat”also judges the French cybersecurity policeman.
China’s spy operations in the sights of Anssi
However, it was not the ransomware attacks that mobilized the 675 Anssi agents the most, but the threats of computer espionage. A total of 19 cyber defense operations were handled by the agency over the past year. “Nearly half of the agency’s cyber defense operations in 2022 involved open source modus operandi associated with China. Repeated, these intrusions demonstrate a sustained desire to break into the networks of strategic French entities”explains the agency now headed by Vincent Strubel, who succeeded Guillaume Poupard, who left to join Docaposte, the digital subsidiary of La Poste, as deputy managing director and member of its executive committee.
The war in Ukraine has also been conducive to the proliferation of cyberattacks, in particular by computer sabotage or by distributed denial of service attacks based on compromised information systems. “While sabotage attacks have so far been relatively limited to Ukraine, the evolution of the conflict and its economic consequences call for particular vigilance, particularly in the energy sector”warns Anssi.
Olympic Games and the Rugby World Cup in sight
In this anxiety-provoking climate, the French agency places great hopes in the transposition of the new NIS 2 (Network and Information Security) directive into French law in the second half of 2024 at the latest, to raise the level of cybersecurity of thousands of entities. , ranging from SMEs to CAC40 companies in at least 18 business sectors. As a reminder, the NIS directive was introduced in 2016 in order to strengthen cooperation between the Member States of the European Union. In particular, it set obligations for operators of essential services such as energy, transport, health and finance.
To protect the French from online attacks, the government is also deploying several devices, such as an anti-scam filter which should be deployed to the general public in 2024, and a cyberscore, modeled on the system of Nutri-Score labeling, from October 1, 2023. The arrival of these two mechanisms is part of the national plan for cybersecurity presented in 2021 by Emmanuel Macron. This is endowed with a budget of one billion euros to accelerate the development of the sector. “As France prepares to host major events such as the Rugby World Cup in 2023 and the Olympic and Paralympic Games in Paris in 2024, we must reinforce everyone’s vigilance and responsibility, to face all together this threat”said Vincent Strubel, director general of Anssi.