The cybersecurity world is meeting this week in Monaco to sharpen its strategies and try to reassure companies traumatized by the attacks of the Wannacry and NotPetya viruses in the spring, whose damage amounted to billions. “There are new risks that have appeared in the last twelve months,” explained the director general of the National Agency of Information Systems Security (ANSSI in French), Guillaume Poupard.
The threat is not new, and large computer attacks in recent years have hit Estonian institutions, the Saudi Aramco oil company, Sony Pictures Entertainment studios, South Korean television and the French-language channel TV5Monde. But the world had not yet encountered cyber-offensives as significant as Wannacry and NotPetya.
The first, which struck in May and June, was a ransomware that paralysed hundreds of thousands of computers around the world, affecting the British health system, German railways and Renault factories. This system of ransom demand was “flawed” according to Mr. Poupard, “but one cannot exclude that the objective was to make money,” he said.
The second attack, of NotPetya in June, was “really an attack of destruction, sabotage”, stated Guillaume Poupard. This malicious software erased the files from the computers it visited, masquerading as a ransomware.
“There, the goal was really to do harm,” noted the boss of ANSSI. The Ukrainian tax system was targeted. “In cyberspace, it quickly spread, and it quickly led to collateral victims”, as companies that did business with Ukraine had their systems infected. The main known French victim is the building materials company Saint-Gobain, which assessed its loss at 250 million euros.
“With these attacks, there has been a real change of dimension in the understanding of the threat in companies,” said Gérôme Billois, expert at Wavestone.
“We used to see attacks to steal the data and reveal it, which damaged the brand image, and damaged customer relationships, there was financial fraud which was just about money,” he said. “But here, with the two attacks Wannacry and NotPetya, it is the company that is completely shut down for several weeks!”
The topic will obviously be discussed at the Conference on Security and Information Systems, organised from Wednesday to Friday at the Palais des Congrès in Monaco. More than 2,500 people are expected.
Beyond these spectacular attacks, the intrusions into the networks for the purpose of espionage are more and more numerous, and constitute the main part of the “business” of the ANSSI. “There is a very strong underestimation of this threat,” stated Guillaume Poupard.
Again, the Agency only deals directly with the State and large companies, controlling in particular the defence of the 230 vital private operators (OIVs), both private and public, “who operate or use facilities judged indispensable for the survival of the nation.”
For others, the ANSSI, an entity that works for the Prime Minister, launched educational campaigns and increases the amount of guidance offered.
“Cybersecurity costs money,” said Secretary of State for Digital Mounir Mahjoubi. But, he warned, “a company that does not spend on cybersecurity, it should be a big warning, because it is risky today not to protect oneself.”
“We can not only offer cybersecurity services that are accessible to the CAC 40,” the Secretary of State pleaded, calling on the industry to multiply “affordable services that areavailable all over the country.”
Companies will have to react all the more because a European regulation will oblige them in May to make public any theft of personal data. Most of them prefer to keep secret attacks against them, especially to preserve their reputation.
Following these recent cyber attacks it is crucial that this cybersecurity meeting in Monaco allow companies to discuss these highly important issues.