Cybercriminals are opportunists. Cybersecurity specialists know this. The global health crisis linked to the coronavirus pandemic confirms their fears. Cybercriminals are now using Covid-19 to infect the computers of their victims. Phishing attacks (theft of identifiers, passwords, credit card number, etc.) have been increasing since December 2019. Researchers at the cybersecurity company Barracuda noted an increase of 667% in email attacks linked to the Covid-19 between the end of February and March 23, 2020.
Figures that confirm the alert given on March 20 by the FBI, the main federal police and interior intelligence service in the United States. "The crooks are exploiting the Covid-19 pandemic to steal your money, your personal information or both. Don't let them do it! Protect yourself and do your research before clicking on links supposed to provide information on the virus (… ) The FBI advises you to be on the lookout. "
Offer hydro-alcoholic masks or gels
With his cybersecurity company I-Tracing, Laurent Besset has been on the front line for more than three months: "We have offices in Hong Kong and we have seen an increase in attacks using the Covid-19 as a pretext since the beginning of the year. to infiltrate our customers' machines. " Indeed, often frightened users do not hesitate to open emails that contain a word related to the coronavirus. Especially since the messages claim to provide masks or hydro-alcoholic solutions.
Same observation in France for several weeks. "Unfortunately, the hackers of the web are engulfed in this breach. We must prepare for many cyberattacks," warns Alain Bouillé, director of the Club of Experts in Information Security and Digital Technology (Cesin).
The Public Assistance-Hospitals of Paris (APHP) was thus the victim, on March 21 and 22, 2020, of a denial of service attack. This type of cyber attack involves massively requesting a target server until it breaks down. Fortunately the damage was minimal.
Why then this computer intrusion against Parisian hospitals? "It's difficult to understand, recognizes Laurent Besset of I-Tracing. Especially since the first reason for the vast majority of attacks is financial gain." On February 28, 2020, the Rouen University Hospital also suffered a computer ransomware attack. Cybercriminals then demanded a sum of money to make the data accessible again. The attack on the AP-HP, without a ransom demand, therefore leaves us perplexed.
The French state still serene
For the time being, the National Information Systems Security Agency (ANSSI), the armed wing of the state, has seen no increase in attacks. At least within its scope made up of large administrations, operators of vital importance (energy, transport, etc.) and operators of essential services for the proper functioning of the economy (banking, insurance, etc.). The ANSSI is not worried, but remains on its guard.
For the government platform cybermalveillance.gouv.fr, an offshoot of the ANSSI and partly funded by it, the fears are good and there. This public body focuses on local communities, SMEs and individuals.
"Between February 1 and March 23, the assistance route on our site jumped 400%", explains the general manager, Jérôme Notin. After the masks, he expects to see fake sales sites for chloroquine, the drug currently being tested on thousands of patients.
Telework , a real challenge for IT security
If teleworking is an opportunity for millions of employees, it is also a nightmare for IT security. Companies have taken significant risks by placing a large part of their employees in telework. Cybercriminals are aware of this and take advantage of the loopholes opened up by remote professional activity.
"Last week, says Alain Bouillé, I convinced a large industrial company to reconsider a decision that seemed dangerous to me. It wanted to allow employees to use their personal laptops to work at home. It must be understood that all these private machines are corrupt. Their level of security is absolutely not compatible with that of the company. Emails, downloads, visits to personal sites that let too many viruses through. "
There is a golden rule in the IT security world: when you work fast, you work poorly. The Covid-19 took the majority of companies off course. Despite the strikes in the fall of 2019, businesses are not prepared for telework. Machines and networks are not sufficiently secure.
"The first lesson that we must learn from this crisis, insists Alain Bouillé, is to insist with companies so that they stop equipping themselves with stationary PCs and that they switch all their equipment into laptop PCs. C "is simpler and easier to secure. A laptop secured by the company can be brought home, not a desktop PC. As a result, employees use their private machines."
In the meantime, companies must strengthen their protection. And adopt certain recommendations proposed by the official public sites, that of the ANSSI or of the cybermalveillance platform.
The France 24 week summary invites you to come back to the news that marked the week
I subscribeTake international news everywhere with you! Download the France 24 app
google-play-badge_FR