Category Archives: Cyber-security

Cyber security is a very special area that experts describe as "dreadful". It concerns computers, smartphones, connected devices… all this little world sensitive to Internet security.

$7.8 billion invested in the IT security sector

Cybersecurity players are on the rise.

With the health crisis that has shaken the world, every sector has developed a lot. Computer security before was very important, now it has a place of choice. According to figures provided by Crunchbase, about $7.8 billion was invested in cybersecurity capitals in 2020.

This article will also interest you: Computer Security and Health: Awareness instead of investment

A record amount that has not been reached since 2011. Compared to the states we observed:

– 76% of these funds went to the United States;

– 13% in the Hebrew state;

– 3% in Great Britain;

– 8 percent in other states.

As we know, the coronavirus health crisis has been a major reason for this mutation in the cybersecurity sector. The use of telework has been one of the boosters. Unfortunately, companies have taken risks to maintain the continuity of their operations. Precipitated shift towards remote collaboration, it has been observed to some extent that the computer attack vector have multiplied. A factor that has benefited cyber malice.

"The past year has also been marked by a very strong appetite for venture capital firms and investment funds to invest in this sector en masse. Crunchbase. This explains the $7.8 billion in investments in 2020 compared to $7.6 billion for 2019, a year that was touted by experts as the best in terms of investment in this field. The study also showed that these funds were distributed among 665 transactions. One example is:

– Snyk ($300 million),

– iboss ($145 million) or

– Aqua Security,

– BioCatch

– Cato Networks…

"The cybersecurity industry has grown rapidly globally over the past decade and, with many companies forced to transition online, the pandemic has only increased this urgency and made the cybersecurity industry relevant," notes Crunchbase.In practical terms, we know that cybersecurity companies work in a fairly promising sector. One of the references is:

– network security;

– preventing data loss or

– protection from intrusions;

– cloud security;

– access and identity management;

– protection from malware

It was determined by the study that nearly 1,500 computer security companies have received several funds since 2017. Hyper-sented has gone up to 58% for a priming phase and 32% for the growth phase and 10% for the next phases.

"By 2020, about 6% of global cybersecurity investments have fuelled start-up companies, 39% growing, 53% advanced and just over 2% in technology maturity," the report says.

Now access an unlimited number of passwords:

Check out our hacking software

Computer threats and the behaviour of insurance companies

According to several observations, in particular from the Deputy Prosecutor at the Paris Judicial Court, who is also responsible for the J3 section responsible for combating computer threats and crimes, Johanna Brousse and Guillaume Poupard, the first head of the National Agency for Security of Information Systems, the behaviour of insurance companies would be likely to push companies to commit serious misconduct.

Indeed, it is not uncommon for insurers to take responsibility for paying ransoms are often demanded by hackers. Attitude that unfortunately encourages hackers always continue in their practices. On 15 April, the two authorities were speaking at the round table organised by one of the Senate delegations specially responsible for business

This article will also interest you: Should we be wary of Cyber insurance

"We're going to have to toughen the tone in the face of ransom payments," says Johanna Brousse firmly. "Today, France is one of the most attacked countries when it comes to ransomware. Why? Because we pay ransoms too easily," notes the latter. "We realized that insurers guaranteed the payment of ransoms, some not for everyone, they put conditions. But we're going to have to work on that," she continues. "We have to make everyone understand that if they pay the ransom, it will penalize everyone else because the hackers will attack our economic fabric more easily by thinking that the French anyway it is well known they pay" affirms the prosecutor. "The watchword is that when it comes to ransomware we don't want to pay anymore and we're not going to pay anymore. This is essential to dry up the source and for hackers to be aware that France is not the golden egg hen and that we must not be attacked."

Indeed, in the current context, the victims of cyber attacks with ransomware must be more than ever in their refusal to pay the ransoms demanded. The view of the head of section J3 and totally shared by the first head of the national agency for security of information systems, Mr. Guillaume Poupard. "What Johanna says is very important," he confirms. The latter appeals to the common sense of the companies to ensure that they agree not to pay the ransoms. The boss of ANSSI the behavior of insurers. "The important thing is to deter the attackers from attacking by telling them that the ransom would not be paid. Here we have a very, very big job I totally agree with what Johanna said," says Guillaume Poupard.

"Because today we see a murky game of some insurers, I agree[NDLR : de Johanna Brousse]." If in a sense the behaviour of insurance companies makes perfect sense, they are still harmful. "An insurer if he has the choice between paying a few million ransom or tens of millions under the insurance policy that has been contracted, and if he thinks he has the right, he will pay the ransom" comments Guillaume Poupard. "It's a no-brainer. There is a rationality that is relentless." However, the vicious circle of ransom payment must break. "And then we have to say loud and clear that hospitals in France do not pay ransom. Local authorities will not pay ransom."

It was also mentioned that ways should be found to track down and punish intermediaries who often serve as bargaining chips between companies and cyber criminals for ransoms. "They're a little gray, not white, not black. They do a ransom payment business, and they will sometimes pay themselves on their ability to negotiate with criminals the payment of ransoms. This is extremely unhealthy," stresses the head of the National Information Systems Security Agency. "We have to fight this very effectively because otherwise it is a kind of ecosystem that will be created around criminal activities and the result will be catastrophic."

For the head of the administrative authority in charge of cybersecurity, things are going very badly. "Everything is going wrong objectively. Between 2019 and 2020, there are a factor of 4 in the number of victims." "Do you have backups? An anti-virus? Is your email secure? ».

Now access an unlimited number of passwords:

Check out our hacking software

Multinationals adapt to combat cyber threats related to telecommuting

Telework is still going on.

As long as there is a state of emergency and the coronavirus pandemic, multinationals in different countries around the world are forced to find a way to adapt. The collaboration the distance has advantages, but one cannot also overlook the disadvantages. Especially cybersecurity. The idea is to realize how big a multinational company organize themselves.

This article will also interest you: Computer security and telecommuting: when employees become managers

"At Huawei, this switch wasn't really a big change because we used to do this kind of scenario. We work according to a multi-site scheme and our engineers intervene remotely. We have long developed our own tools to work remotely," notes Adnane Ben Halima, Vice President of Public Relations for Huawei North Africa's Mediterranean region.

It has been noted that companies can overcome the impact of the health crisis on their operations but also on their activities. They have several tools in place to collaborate fully and effectively even remotely. This has even made it possible to optimize performance in a certain way.

"The Group delivered computers or modems when necessary. In less than 48 hours and thanks to incredible mobilization, more than 12,500 fixed computers were transferred from the office to the homes of our colleagues. explains Baïdy Si, Head of It Security Services in French-speaking Africa for Atos. It also states that it took a week to switch 96% of their 10,500 employees to telecommuting.

This also applies to IT security processes. These issues were dealt with as a priority with the switch to telework. This has not been too complicated when you consider that large companies already have the means and policies to manage and protect data.

"Because our Group security policy is very mature, our IT systems and security processes were already in place when the pandemic occurred. The level of security was not affected and the employees were able to telework without a hitch," notes Emmanuel Cheriet, Maghreb and West Africa Director for Orange Cyberdefense.

The same was legally true for the Atos Group, which also has a personal data protection system. "All data is encrypted and protected by two-factor authentication, which limits access to a previously defined list of people. says Baïdy Si. It also lacks that internal communication is very important to establish a certain awareness of all staff about the necessary digital hygiene measures.

"All of our employees, without exception, receive mandatory training. They educate them about risks and educate them on good practices. ». To some extent this recall is very important. Indeed, there is always good to warn employees of the risks that are inherent in the use of digital services.

"Before we make interventions on customer networks, a set of rules must be followed to ensure the safety of operations. Every intervention can indeed produce a catastrophe," warned Adnane Ben Halima. 

On the Orange side, the staff receives training and a cat of good practice. "Internally, we communicated the rules of "computer hygiene" to our teams. We have informed them about the major attacks in order to raise awareness of the increased risks posed by the situation throughout this period. explains Emmanuel Cheriet.

It should be noted that companies that had some shortcomings in computer equipment, be it software or physical hardware, in terms of their data protection policy, suffered serious consequences.

"For our clients in French-speaking Africa, the main challenge has been to secure the transition to telecommuting," said Baïdy Si. "It was also necessary to present to the clients the support protocol deployed by the group. 'First, we deployed a flash audit offer, so that our customers have 360-degree visibility on their level of exposure to cyber risks. Subsequently, we accompanied them in correcting the vulnerabilities detected, so that they gain confidence in these risks and to allow them to telework serenely. he adds.

"During this period, we have focused on helping our customers secure themselves. And to protect them at a time when their digital transformation was accelerating, with the implementation of solutions to secure remote work (example: VPN solution, Multi-factor authentication, etc.) notes Emmanuel Cheriet of Orange Cyberdefense.

Now access an unlimited number of passwords:

Check out our hacking software

Nation States reportedly launched twice as many attacks as three years ago

The computer solutions supply company HP conducted a study that looked at cyberattacks initiated at the favored by nation states.

The specialist in charge of this analysis is Mike McGuire, a specialist in criminology. It is noted from his reports that in just 3 years, governments would have been behind many more computer attacks. The preferred targets of its companions would be companies with high added value. "While the adoption of an international treaty seems to be one of the most attractive solutions to address it, it does run up against the reality on the ground. Cyberattacks by nation states have doubled in three years." Describes HP's report.

This article will also interest you: 5 computer attacks that have marked the history of cybercrime

Between 2017 and 2020, there was a net increase in computer attacks linked to the U.S. government. The HP study, conducted by criminologist Mike McGuire, senior lecturer at the University of Surrey in the United Kingdom. The study entitled Into The Web of Profit.

In his own words, the criminologist explains that Nation States tend to invest more and more in recent times: "time and resources to obtain strategic cyber advantages to advance their national interests, their intelligence-gathering capabilities, and their military power through espionage and theft."

The most targeted companies are those with high added value. Among them are pharmaceutical companies and high-tech companies, which make up 35% of the victims

– Companies in the cyber defence sector are in version for are targets

– companies in the media sector for 14 percent of the targets

– Government agencies and institutions that make up 12 per cent of victims

– Infrastructure considered critical for 10 percent of victims.

For the year 2020, the most targeted organizations were public institutions or private companies working in the sector of the fight against the coronavirus pandemic. Especially those working on the development of a vaccine. Examples include AstraZeneca and Moderna, both victims of a computer attack.

According to the study of the American digital giant HP, the tools used to carry out these cyberattacks would be very easy to find on the internet. Indeed it would seem that 50% of the tools involved in this kind of computer attacks. That easily find on the dark web. 8% of these tools are used by cyber criminals to extract sensitive data. Only 20% of tools are sophisticated natures

"Attempts to capture intellectual property relating to vaccines (…) show how far nation states are willing to go to achieve their strategic goals," says McGuire. The latter goes after organizations to invest heavily in "terminal security solutions" to help them "stay ahead of these ever-changing threats. ».

Now access an unlimited number of passwords:

Check out our hacking software

The annual report on cyber threats in France by the French government

The government's cyber-malveillance platform.

Gouv.fr has made an activity report available to the public for the year 2020. A report that reports a very high trend in attacks on ransom software.

This article will also interest you: Ryuk: the French cybersecurity policeman publishes his report on Ransomware

We remember that in 2020, the state service responsible for assisting in preventing in the digital security sector in France, with an overhaul of its platform and at the same time optimized its strategy in terms of content, so that it is adapted to media and also to the general public. In another sense, there has been a lot of work on the part of the platform. There was a large presence of the latter on social networks, there were about 260 communications including 41 alerts.

In addition, there was an increase in attendance in 2020 not only by individuals seeking assistance. In addition to the presence on social networks and the redesign of the online platform, we were able to witness the launch of the ExpertCyber label, which allows to rank the various experts in the field name of computer security, in this case in sectors such as assistance and maintenance the installation of computer solutions, support for local communities for associations or even companies in the process of securing.

In terms of requests for assistance, the government platform has seen a 150% increase in attendance for the year 2020. It had 1.6 million visitors in the previous year, compared to 144,000 visitors in 2017, 200,200 for 2018 and 483,400 in 2019.

"While this growth is linked to the development of the platform's reputation, it is also a sign of a real public interest in the services offered. The work of enriching and accessibleing resources and content carried out during the year also explains this growth" explains the platform Cybermalveillance.gouv.fr

– 88% of support searches are carried out by individuals compared to 10% for associations and private companies

– 2% of assistance searches are for local authorities and public administrations

– 150,000 people, that's the exact number of people who searched for assistance on the government platform.

The computer threats that worried the French the most during the year 2020 include phishing and ransomware attacks. Indeed, it was observed that 17% of individuals approached the concept of phishing. It places itself in these conditions in the first position as a demand and research on the platform. Just behind is online account piracy with 12% of searches. A threat that is in one way or another necessarily related to phishing. In third place we have computer hacking, which accounts for 9% of searches. In 4th position for 8 percent of the blackmail searches on the webcam. In last position are virus-related threats for 4 percent of the research.

For professionals, the main research in terms of assistance concerned of course attacks based on ransomware.

– In sum, they account for 17% of research by associations and private companies and 19% for public administrations and local authorities

– In second place were research on computer hacking for 16% of companies and associations and 13 percent for public administrations and local authorities.

Objectively it is clear that ransomware hit French organizations hard during the year 2020.

The main cause of the intensification of computer attacks and the health crisis to coronavirus. Indeed, we remember well the usual practice upheaval towards remote collaboration in a need for continuity during the general containment of populations around the world. Telework was unfortunately adopted in haste thus opening many gateways to cybercrime.

"Led by the Public Interest Group (PIG) ACYMA, the Cybermalveillance.gouv.fr system is now and more than ever driven by these three missions: assistance to victims of cyber-malveillance (with contact with local providers), public awareness of digital risks (through digital security prevention content and campaigns) and digital risk observation , which allows us to better anticipate the latter. Cybermalveillance.gouv.fr Report concludes.

Now access an unlimited number of passwords:

Check out our hacking software