Published on modified
(Boursier.com) — Is the war in Ukraine a game-changer for cybercrime?
Jean-Noël de Galzain: We are already in a period where malware and cyberattack campaigns are booming. With the current climate of war, there is an increase in the cyber threat, all specialists and States say so… Data is the black gold of artificial intelligence and therefore the capital of companies. If there is an upsurge in attacks, organizations with little or no protection will experience a real tidal wave. For some of them, it’s the end of the business: They can no longer sell, they can no longer invoice, they can no longer guide their employees and risk finding themselves isolated from the rest of the world. There is also a second risk, much less palpable but which is more serious and can have irreversible consequences: it is the reputation, and criminally a company manager is responsible for the data entrusted to him. The crisis we are experiencing with Russia’s invasion of Ukraine risks reminding organizations that cybersecurity is not an option.
Boursier.com: Are your clients worried about this conflict in Ukraine?
Jean-Noël de Galzain: Today we are seeing an upsurge in malicious activity on the messaging side of our partners. There are increased risks of “phishing” type, email usurpation… On the other hand, for the moment, there is no direct proof of this conflict (apart from the release of some malware at the end of 2021) . But the Ukrainian crisis has not yet “hit” our customers’ information systems. On the other hand, I think that this respite must “be used wisely”. Attacks will not necessarily primarily target the headquarters of organizations, which are often better equipped, but the entire ecosystem (service providers, partners, subsidiaries, etc.), which may show weak points. We have received government rules regarding the distribution of our products because we export almost half of our software. WALLIX is prepared and will mobilize its forces. Some of our customers tell us that they are going to speed up the projects being deployed, in particular those which have several entities or several subsidiaries.
Boursier.com: How many companies do you work with and what is their profile?
Jean-Noël de Galzain: We have more than 1,900 customers, a little less than half are in France, the other big half abroad, in 90 different countries, that is to say all of Europe, the Africa, North and South America, and Southeast Asia. Among them, there are small companies, and large companies in various sectors, with different risks to manage.
Boursier.com: Had the health crisis already changed the situation?
Jean-Noël de Galzain: We are at the heart of the system since we manage identities (employees, internal service providers, external service providers) and access to an organization’s applications and data. Our role is to secure this access, to ensure that there are no thefts, and that no intruder enters the system. Then we record everything that happens on the networks to ensure that there is no attack, and that it cannot spread. These are PAM (Privileged Access Management) solutions. Until now, companies used them for the most risky accesses (system administrators, IT populations, etc.). We have since proposed a new strategy called “PAM4ALL”. With telework, it is necessary to secure access for all teams at home and to strengthen authentication. If someone connects remotely, we cannot constantly check whether or not it is he who is accessing. We have the same problem in the industry. Some companies, during the pandemic, wanted to strengthen remote access or the interconnection of factories to applications in the cloud. PAM makes it possible, for example, to secure robotic factories and to make them more flexible.
Boursier.com: In your opinion, what are the main weaknesses of companies when you start a partnership with them?
Jean-Noël de Galzain: Some take the wall and say to themselves “now I’m going to equip myself not to suffer this a second time”. They are sometimes very well known, for example within the CAC 40. There are also town halls, hospitals, which were attacked and found themselves working in pencil and paper with employees on technical unemployment. Fortunately, the majority of companies only need to expand their scope. The main obstacle we encounter today is taking cyber risk into account at the highest level, on par with the lack of resources. We are in a very particular phase of digital, where we have deployed a lot, and we say to ourselves “do I have control of everything?”. Auditors will start to take a closer look at this and will provision for risks. And tomorrow, to benefit from insurance, all companies, and especially the smallest ones, will have to measure their cyber risk. Today, spending in Europe is too low. In France, we oscillate around 5% of the budgets allocated to IT, which is almost one of the lowest on the whole continent! According to the ANSSII (National Authority for the Security and Defense of Information Systems) it should at least be multiplied by two. And Europe itself is well below the United States, or Asia-Pacific.
Boursier.com: The news is full of attacks on town halls, hospitals… Is everyone now likely to be attacked?
Jean-Noël de Galzain: No one is spared and the effect is not the same between the companies which have started to prepare and the others… Those which have done nothing risk a pure and simple disappearance . Every leader must now implement protective measures, regardless of the sector. Most attacks are massive, per campaign, and they are more sophisticated.
Boursier.com: What is the objective of these hackers?
Jean-Noël de Galzain: The first objective, in times of peace, is money. These are criminal organizations, which resell the information they collect. They ransom and live from the purchase and resale of this data. Health data, for example, is extremely valuable and represents a large market. In a period like the conflict between Russia and Ukraine, we are entering into an intelligence war, with attacks to recover sensitive, competitive information. There are also criminal acts that target sensitive or vital organizations.
Boursier.com: You offer a shield to companies, so that no intruder can penetrate their network… Are there many attempts to force it?
Jean-Noël de Galzain: We cannot count these attacks, but there are a lot of them… One of the types of risks we are currently facing are DDoS (Distributed Denial of Service Attack). , Editor’s note). They consist in flooding a digital system, with simultaneous accesses, which come from everywhere to bring down, for example, a commercial or administrative website. The real current risk is phishing or phishing attacks which will bring a risk of malware or ransomware. I can therefore only invite organizations to protect themselves and to implement ANSSI’s recommendations in particular or to contact Hexatrust, which brings together around fifty cybersecurity companies.
Learn more with eToro…