The city of Marseille was the victim of a cyberattack in March 2020. -
GERARD JULIEN / AFP
Ransomware attacks have increased in 2020.
The generalization of teleworking, a consequence of the coronavirus pandemic, is clearly a risk factor.
Cities and communities are often destitute and poorly trained to face the danger of piracy.
It is an epidemic that appeared at the same time as that of the coronavirus.
If the Covid-19 infects humans, it attacks computers.
Since the start of the pandemic, several organizations have warned of the increase in criminal computer attacks targeting businesses or institutions.
Last week, the director general of Anssi, the public agency in charge of French IT security, drew up an alarming report on BFM Business: “In the victims who call on us (…), a fishy figure: 50 operations in 2019, 200 in 2020, so it's x4 (…).
So there really is an explosion ”.
Among the targets are many cities and communities.
According to a count established by
20 Minutes
(the complete list is to be read at the bottom of the article), at least fifteen of them have suffered in recent months a "
ransomware
" attack
.
The principle: malicious software enters the information system of a municipality and blocks access to all or part of the data.
To recover them, hackers demand the payment of a ransom, often in Bitcoins.
Between January and August 2020 alone, Anssi recorded 104 such attacks (also including companies).
A figure far below the actual number of hacks: according to the 2020 report from Clusif, an expert association in cybersecurity, "a majority (53%) of communities do not communicate on the ransomware attacks suffered".
The Anssi even admits in a report that she was sometimes alerted while reading the press!
Proof that the subject is sensitive, the affected municipalities that
20 Minutes
contacted did not respond.
Main communities that were victims of ransomware in 2020. The full list can be found at the bottom of the article.
- Nicolas Raffin / 20 Minutes
Very disabling blockages
Angers is the last known victim.
Since January 15, the Angevin city has been struggling with ransomware that has blocked access to the community's computers.
If the town hall ensures that it has a "secure" backup of all its data, the cyberattack had very concrete consequences on the functioning of the administration.
The city's conservatory thus indicated on Twitter that its computer system was "paralyzed" and that it could "neither join nor be reached by email", inviting residents to use the good old telephone.
Other cities or communities have experienced similar setbacks.
In Bayonne, the city last week asked the 23,000 residents with an account on the municipal site to change their password after an attack.
The municipality will also spend an additional 50,000 euros per year to strengthen its IT security.
In Marseille, a cyberattack carried out just before the municipal elections of last March sowed panic in the corridors of the Town Hall.
“We no longer had the slightest planning of our 12,000 civil servants (…), we had lost the electoral lists for the next day, but also the registration lists for children in nurseries and primary schools (…).
We could not even register births and deaths properly, ”explained an anonymous source from the town hall in
Provence
.
“For a pirate, it's royal!
"
For several cybersecurity experts, the coronavirus pandemic and the new work organization clearly favor this type of attack.
"The Covid-19 is multiplying the targets, explains
Rémy February, lecturer at Cnam and former gendarmerie officer *
to
20 Minutes
.
Teleworking has increased the number of links between remote agents and their internal network.
These are all possible vectors of attacks.
For a pirate, it's royal!
".
“When a town hall agent works at home, he either uses personal equipment that is not necessarily secure, or his work computer but which leaves the secure network.
And by opening all these small windows, there are inevitably many more entrances into the building ”confirmed this week to France 3 Emmanuel Vivé, general manager of the association for digital development (Adico) of Oise.
Urgent update
As teleworking is expected to last on a massive scale, at least in the coming months, communities have every interest in putting in place action plans to avoid cyber attacks as much as possible.
Anssi issued a guide for them at the end of 2020 and makes several recommendations.
“Most often, the ransomware attack begins with the opening of a trapped attachment or the consultation of a malicious web page” recalls the specialized agency.
It is therefore essential to make all users of a given network aware of digital security.
In addition, as with the coronavirus, strict compliance with barrier gestures is essential in the face of ransomware: systematic updating of software, limitation of administrator rights, or even regular backups in a space disconnected from the general information system.
"Many communities are still behind on all these points, deplores Rémy February.
A large majority are unaware of the risks.
In addition, they often have little financial means.
If you are already having trouble launching investment programs in your area, IT security will not be your priority ”.
Society
Angers: The sites of the town hall of the city attacked and paralyzed by a cyberattack
High Tech
Coronavirus: Health establishments particularly targeted by cyber attacks
Lists of municipalities * or communities victims of ransomware in 2020:
January 24: Saint-Paul-en-Jarez (Loire)
January 30: Tullins-Fures (Isère)
February 13: Grand-Est region
March 5: Charleville-Mézières (Ardennes)
March 13: Aix-Marseille and Martigues metropolis (Bouches-du-Rhône)
March 2020: Crêts-en-Belledonne (Isère)
March: Two towns in Morbihan (their names have not been made public)
July 6: Department of Eure-et-Loir
July 18: Mitry-Mory (Seine-et-Marne)
November 2: Vincennes (Val-de-Marne)
November 6: Alfortville (Val-de-Marne)
December 17: Marolles-en-Brie (Val de Marne)
December 26: La Rochelle (Charente-Maritime)
December 27: Annecy (Haute-Savoie)
*
Municipalities listed by 20 Minutes on the basis of press articles.
Coronavirus
Cybersecurity
Cyber attack
Computer virus
High Tech
Communities
Piracy