Nearly 8 in 10 French SMEs have already been victims of a cyberattack.

SEBASTIEN SALOM-GOMIS / SIPA

  • On Monday, a hacker hacked into the network of a water supply plant in Florida, giving instructions to increase the concentration of a chemical additive to a dangerous level.

  • Cyberattacks against sectors of vital importance, such as water, energy or transport, have increased in recent years.

  • Faced with this threat, France has designated more than 200 operators of vital importance (OIV) in 12 sectors of activity, whose activities are considered essential to the survival of the Nation.

A hacker who takes control of a water distribution plant, a cyberattack that paralyzes an electricity network, a hospital's computer system blocked... Computer attacks against sectors of vital importance have multiplied in recent years all over the world, raising fears of potentially catastrophic consequences for the populations concerned.

A case in point came on Monday, when a hacker broke into the network of a water supply plant in Oldsmar, Florida, and succeeded in giving instructions to increase the concentration of a chemical additive to a dangerous level.

Although the anomaly was detected very early, which averted the worst, it highlighted the risk that these cyberattacks pose to sectors such as water, energy, health or transport.

A real risk for the population

There are many examples of industrial cyber attacks.

The United States and Israel were great precursors in this area, with Stuxnet, the famous virus introduced in 2010 by the secret services of the two countries into a computer in the Iranian nuclear complex.

It caused major malfunctions in the fleet of centrifuges used by Tehran to enrich its uranium.

In Ukraine, in 2015, a cyber attack caused a major power cut for several hours in the west of the country.

The attack was blamed on Russia, which never admitted responsibility.

In 2017, following malfunctions in a petrochemical complex in the Middle East, the French group Schneider Electric realized that its Triconex system, which controls the industrial safety of the complex, had been hacked and that mysterious actors had been able to manipulate it.

And France is not spared.

As recently as Tuesday, Dax hospital was the victim of a large-scale cyber attack that affected the operation of the establishment and that of certain medical equipment.

This attack "highlights for the general public a real risk to industrial environments, which is often less well known than that of traditional computing," David Grout, who is in charge of Europe at the American cybersecurity company FireEye, told AFP.

Strict specifications

Who is targeting hospitals, the electricity grid or rail transport?

“There are the cybercriminals, who act out of ideology or out of defiance, who demand money.

And there are those who have state motivations (one state against another state) or terrorists,” explains Nicolas Arpagian, teacher at the Ecole de Guerre Economique and author of the book Cybersecurity, published by Presses Universitaires de France (PUF).

This civilian vulnerability has long been recognized by some states, which saw it as an opportunity to create and test computer weapons that were potentially as destructive as bombs.

There is no reason criminals acting for profit should not be interested in it too, experts point out.

"The attacks on industrial systems that have been documented are more of a state origin," explains David Grout.

To prevent large public utility networks from becoming too vulnerable, France adopted a new strategy, through the military programming law (LPM), in 2016. It defines more than 200 “operators of vital importance” (OIV), spread over 12 strategic sectors, whose systems must meet tough cybersecurity requirements, under the watchful eye of Anssi (National Agency for the Security of Information Systems).

These are companies "having essential activities whose failure would put in serious difficulty the functioning and survival of the Nation", details Nicolas Arpagian.

For national security reasons, the list of OIVs is not public and designated companies are requested not to communicate on their involvement in the system.

Digitization singled out

These 200 companies must follow strict specifications, which aim to establish a minimum level of security, and be accountable to Anssi.

"The aim is to prevent cyber attacks and to guarantee the integrity and continuity of the activity of these companies", continues Nicolas Arpagian.

He adds: “We are not in a logic of reprimand, but of anticipation. The idea is: how can we make sure that you are not a target?”

Industrial machines and systems, once cut off from networks, are now increasingly connected to the Internet, directly or through the company network, making them vulnerable to attacks.

“These systems were historically designed to be used in a closed fashion.

But with the evolution towards digital technologies, such as connected health, connected transport or connected electricity, they have opened up, favoring cyberattacks,” explains Gérôme Billois, cybersecurity expert at Wavestone.

Multiple authentication measures, security updates, network isolation and other such measures have increased the security of sectors of vital importance.

But for the expert, physical security measures are also necessary to ensure complete security.

“If we take the train as an example, it is piloted automatically, the system controls speed and braking, but there is still an emergency stop button.

If the switch gets hacked, the driver can always stop the mechanism physically.”

And Gérôme Billois tempers: “Attacks against these vital sectors remain rare.

The main motivation of cybercriminals is to make money.

It is not by derailing a train or by poisoning the water of a municipality that we make money.”
