Calm or simple temporary plateau before a new rise? Questioned by ZDNet.fr, the Paris prosecutor’s office reported 420 new investigations into ransomware attacks opened in 2022 under its concurrent national jurisdiction.
The good news is that this figure is down from 2021, which had 496 open investigations for ransomware attacks. The year 2020 had ended with 260 new investigations for such facts, while 2019 had been much more lenient, with only 17 investigations opened.
Ransomware attacks being the main current cybercriminal threat, these figures are an interesting indicator to measure the extent of the phenomenon in France.
Consequence of the war in Ukraine?
However, we must remain cautious in the interpretation to be given to these figures. “The drop in the number of open investigations does not seem significant,” observes François Deruty, director of operations at cyber threat intelligence specialist Sekoia.io. “And we haven’t seen any specific new measures in France that could have reduced the number of ransomware attacks. »
This downward trend in the number of new investigations for ransomware attacks in 2022, already mentioned in December by Le Mag It, had been anticipated in the fall.
The deputy Florent Boudié, in a recent parliamentary report, had sketched out a path of explanation. The Russian invasion of Ukraine, wrote the deputy, would have “strongly, but temporarily mobilized cybercriminals”.
“Acceleration decreases”
“I don’t know if we’ve reached a peak, [mais] the acceleration is decreasing, ”said Guillaume Poupard, about the cybercriminal threat, during his last hearing as head of Anssi before the deputies.
In the United States, the company Emisoft has also noted a stabilization of ransomware attacks targeting public organizations or schools.
The firm had however deplored at the same time fragmentary statistical information. In France, even if all the victims do not lodge a complaint, the judicial authority is relatively well informed, for example thanks to the CNIL, which notifies it – a legal obligation – of the attacks of which it is aware.
The turning point of 2020
In total, the Paris public prosecutor’s office opened 611 investigations in 2022 under its concurrent national jurisdiction. A figure slightly higher than 2021, with 602 new investigations, but much higher than 2020 (409 new investigations) and 2019 (65 new files).
The Paris public prosecutor’s office has national concurrent jurisdiction for offenses involving attacks on an automated data processing system – the legal term for talking about computer hacking. As such, it is the central hub for cyber judicial investigations in France. Its specialized section has three magistrates, two clerks, two specialized assistants and an assistant lawyer.
In a podcast from the company Gatewatcher, the head of the cyber section of the Paris public prosecutor’s office, the magistrate Johanna Brousse, had noted the pivotal nature of the year 2020, which had seen an “explosion of cybercrime cases”.