Cécile Vignial, a specialist in cyber security issues, warns of an increased danger, linked first to lockdown and then to its easing.
In a few weeks, the pandemic has made economic activity and social cohesion dependent on digital technology to an unprecedented degree. With telework and e-commerce, businesses, their customers and their suppliers have taken on new habits, some of which are becoming the norm. The last shared space during lockdown, cyberspace has become even more extensive, more populous, more essential and, in fact, more attacked. It is crucial to preserve its integrity. To do this, let's start by dispelling three myths.
1. "It only happens to others"
Because they underestimate their exposure to digital risk, many organizations invest too little in security. This is notably the case for many SMEs that wrongly believe they pass under the hackers' radar. In the context of the COVID-19 crisis, this behavior can be severely detrimental. First of all, because digital-risk observatories have identified a series of cyber-criminal activities primarily affecting the least protected structures. In the health sector, public institutions, whose IT security suffers from chronic under-investment, have been an illustration of this. The AP-HP in Île-de-France, from the beginning of the lockdown, and the AP-HM in Marseille were the target of denial-of-service attacks (attacks that make a server unavailable). For its part, a health facility in the Gers was the victim of ransomware.
In addition, a vulnerable company puts at risk the entire ecosystem of which it is the weak link. If the cost of the cyber attack by the malicious software NotPetya amounted to $10 billion, a comparable attack today would be more dangerous: many companies, already battered, would not recover. Finally, note that not all cyber incidents are the result of external attacks. Losses or leaks of data caused by company staff, through error or malice, are legion. For all companies, the question is not if but when they will suffer a cyber incident. Those who think they are still out of reach may already be victims: attacks are often silent and may be detected only several months after the intrusion.
2. "We are perfectly immune"
Conversely, some companies deploy an arsenal of protection so complete that their staff believe themselves totally protected. However, recent attacks, such as those on Tarkett, Essilor, or Chubb, a global leader in insurance, reinsurance and risk management, and a specialist in... cyber risk, remind us that no one is immune.
The attacks are increasingly sophisticated. Among recent developments, we can note the use of artificial intelligence for malicious purposes, which makes it possible, for example, to generate highly personalized and credible emails; the development of "Big Game Hunting", ransomware targeting financially robust businesses, to which the ANSSI has drawn attention; and even cyber attacks of state origin, more numerous since the beginning of the COVID-19 crisis.
In the face of this increased risk, the health crisis has placed companies in a situation of great fragility. In addition to the economic shock, they have had to manage, as an emergency, two changes related to lockdown: the move of all or part of their sales, services and mode of operation online, and the explosion of telework (more than 5 million French people concerned at the beginning of May). The key sources of digital vulnerability are the business use of personal equipment, which is less protected; the degraded quality of home networks; and the tendency, at home, to lower one's level of vigilance.
These vulnerabilities did not disappear on 11 May: the easing of lockdown will be slow, and certain work and consumption habits have taken hold. It is now necessary to learn how to manage this increased cyber risk over the long term.
In this context, instructions relayed at the highest level should urgently call on employees to comply with at least three good practices. The first is the use of company equipment for their professional activities. Its operating systems and anti-virus software will be systematically updated. The second is the obligation to connect their PC through a VPN. The third is vigilance against malicious emails. The current crisis is characterized by a massive upsurge in attempted transfer-order fraud and in phishing attacks, in which the victim is redirected to a fraudulent site or prompted to download malicious software. Particularly anxiety-provoking, the coronavirus is said to have become the most widely used lure of all time: half of the domain names related to the Covid-19 theme could be linked to malware.
The easing of lockdown itself presents a specific risk for businesses. The devices used for teleworking, on which videoconferencing services containing security vulnerabilities will have been installed, may be infected. Experts fear a wave of ransomware with the return to the office.
3. "Whatever happens... we are surely insured"
In most cases, management is confident that the various insurance policies taken out protect the company against cyber risk. However, what sometimes resembles a patchwork quilt, and sometimes a mille-feuille of contracts, does not always form flawless cover. Is the company insured for all types of events, damage and business interruption, and for what amounts? After an attack, some companies have discovered with surprise that their contract did not cover the loss they had suffered. For each company, an audit is first required to define and quantify the cyber risk to which it is exposed. It is a vast undertaking: around two thirds of the companies in Europe have not yet estimated the financial impact of a cyber attack!
"Trapped" in the emergency, we need to ease lockdown with prudence, without compromising on digital security. The digital hygiene of each person makes for the cyber security of all. The site cybermalveillance.gouv.fr, which details the "digital barrier gestures", and the guides of the ANSSI, the French Insurance Federation or the AMRAE, intended for decision makers and risk managers, are all sources of advice for arming oneself against a possible second wave of cyber attacks.