INTERVIEW – Emmanuel Macron announced on Monday a major plan to fight against cyberattacks, a phenomenon that has been on the rise since the pandemic. Faced with threats, France must indeed strengthen its “protective mesh”, believes François Deruty, former deputy director of operations of the National Agency for the Security of Information Systems (Anssi).
Maëlane Loaec –
For several months, they have been in the international news every week: no later than this Friday, January 14, large-scale cyberattacks have targeted Ukrainian government sites. But beyond digital offensives against governments, businesses and individuals are also vulnerable to a cybersecurity breach. In an attempt to curb the phenomenon, which has exploded in recent years, Emmanuel Macron announced on Monday an investment plan of one billion euros against cyberattacks, which includes in particular the creation of 1,500 “cyber-patrollers” and the opening of a training school specializing in the fight against digital attacks.
All the info on
France affected by a fifth wave of Covid-19
Announcements, included in a broader plan on security, and which are welcome, estimates with LCI François Deruty, former deputy director of operations of the National Agency for the security of information systems (Anssi) and at present director of operations for cybersecurity firm Sekoia. According to him, the health crisis, which has led to hyperconnection, is helping to weaken computer systems. Over the year 2020, the number of attacks has quadrupled according to Anssi, and in 2021, those targeting companies have increased by an average of 13% in one year, according to a report by the company. cybersecurity Orange Cyberdéfense published at the beginning of December.
How can this investment plan help the cybersecurity industry?
France is a leader in Europe in terms of security, but these announcements, if they are followed by effect, meet a need that has existed for some time: that of having a better protection network against cyber threats, and not only a few entities like Anssi, which manages state security and goes down the spectrum as much as it can. The cybermalveillance.gouv.fr platform was created in 2017 for citizens and very small businesses.
But there were still things to do for the intermediate segment of SMEs and ETIs (Intermediate Size Companies, editor’s note) who are also victims of attacks and do not always know how to react.
Among the 1,500 “cyber-patrolmen”, there will be many local police officers who will be able to help them. This large-scale awareness and these local contact points are essential today. The creation of a school is also welcome, because we are faced with a real shortage of resources. Developers and cyber specialists are in high demand, but the pool of candidates is smaller than the number of open positions.
“The more you are connected, the more vulnerable you are to attacks”
What forms are cyberattacks currently taking, and why have they increased in recent years?
The submerged part of the iceberg, which we see everywhere in full swing at the moment, are ransomware: attacks that consist of entering any type of computer network to paralyze it and demand a ransom, whether of a company or a local authority. Then there are also many spy attacks, although they are less visible. They can target governments but also companies, to steal an industrial secret, a contract or intellectual property for example.
These attacks have intensified in recent years, because cyber-activities have become much more democratized: before, to carry out a computer attack, you needed solid skills to create your own tools and have plenty of equipment, whereas today you easily find these tools on the internet, on the darkweb (set of clandestine websites, editor’s note). You can also pay someone to do it for you. As these attacks are very lucrative, many cybercriminal groups are created and offer their services. And then, of course, our society today is hyperconnected, and the more we are connected, the more we are vulnerable to attacks.
How could the health crisis play a role in this phenomenon?
She accelerated it, because cybersecurity was already not a daily reflex before, but now, teleworking which makes us even less sensitive to it, because we connect to Wifi in an emergency, from home, in a café, we migrate data to the Cloud (digital storage servers, nldr)… All this opens up some largesse for attackers who are always on the lookout and who take advantage of it.
Cyberattacks have also targeted health centers, blocking patient records or examinations. Unlike private American clinics, the first targets of this wave, the French public hospital has less budget and can therefore pay fewer ransoms. But all the same, this puts a form of pressure on the State: taking this data hostage makes it possible to make itself visible and to create a climate of tension or fear, which encourages the centers that can do so to pay.
“Many people still say to themselves ‘I have nothing secret’, yet we all have things to protect”
Are the French sufficiently alert to this phenomenon?
They are there more and more, in particular because these attacks against hospitals have been very publicized, but they are not yet enough. Many still say “I have no secrets”, yet it can happen to all of us because we all have things to protect, even if we don’t work in a sensitive sector. Recovering a company’s list of customers makes it possible, for example, to obtain e-mail addresses in order to then send booby-trapped messages.
Behind a cyberattack, which at first glance seems ethereal, which cannot be touched, there are always very concrete consequences. In 2020, the lingerie company Lise Charmel had been placed in receivership after such an attack, because it could no longer fill its order books and was on the verge of bankruptcy. There are plenty of stories like that. You have to protect yourself, and there are a whole host of public entities and companies that can help with that. The means exist, it is still necessary to know them and make sure to equip yourself before and not after the attack.
Read also
- Cyberattacks: do French SMEs pay ransoms too easily?
- Cybersecurity: towards an explosion of personal data breaches in 2021?
Beyond protection, how can we identify wrongdoers and stop them?
It’s very delicate, because these are pyramid schemes: a small group, generally very restricted, develops all the tools to carry out attacks, before transmitting them to affiliates to whom they entrust increasingly substantial missions, taking a percentage of the ransoms collected. It’s the same way a mafia works. A lot of attackers get into it, but since everything is virtualized, they are in several countries and never meet.
Carrying out arrests therefore requires international cooperation. In the last 18 months, operations carried out by Europol and Interpol, with the support of several countries, have begun to take hold, but it remains extremely complicated. The attackers have this feeling of impunity behind their screen, and as the lure of profit is attractive, with ransoms which can sometimes go up to millions of euros, the risk-benefit balance is quickly made.
On the same subject
The most read articles
EXCLUSIVE – Presidential 2022: discover the results of our daily survey of January 14
Disabled students: Eric Zemmour’s proposal triggers a new controversy
“Partygate” in the United Kingdom: “Boris Johnson’s resignation is only a matter of days”
Covid at school: “We may have made mistakes”, admits Jean Castex
Covid-19: 3 questions about the deactivation of health passes Saturday January 15