According to figures provided by the French authorities, the National Agency for Security of Information Systems, during the year 2020, cyber attacks have clearly exploded.
At the same time, the ransom requirements of cyber criminals have also increased significantly. And on this side, the authorities have always accused companies of being intimidated too quickly and paying the ransom too quickly.
This article will also interest you: Should we be wary of Cyber insurance
According to figures provided by Acyma, the organization that manages the platform responsible for assisting victims of computer attacks, between 20 and 30 per cent of French companies, victims of ransomware, pay the ransoms demanded.
Yet the trend has always been clear never to negotiate with cyber criminals. You must never pay the ransoms demanded.On 15 April, during the senate hearing, Johanna Brousse, a magistrate specializing in cybercrime, declared: "Today France is one of the countries most attacked by ransomware because we pay ransoms too easily, some insurers even guarantee the payment of ransoms. We have to make everyone understand that if they pay the ransom, they penalize everyone. ».
So it's time to break this ransom demand profitability. Marc Bothorel, IT Security Referee of the Confederation of Small and Medium-sized Enterprises (CPME), explains: "The hackers understood that it was a good business and that they were not likely to be prosecuted." In such a situation, paying the ransom seems to be the best deal possible to avoid the disclosure of secret information.
According to the president of the National Agency for Security of Information Systems, Guillaume Poupard, to solve this problem there is no quick fix. "There will be no cyber shield that will protect France or Europe: it is an elegant concept but in practice it does not exist. It is essential that everyone is involved in their protection," he said at the same session in the Senate.
On the other hand, the problem is elsewhere. "There is a myth among entrepreneurs that small and medium-sized enterprises are not a target for hackers. However, they know that they have less means for their security and that they can serve as vectors of attacks to enter the homes of larger ones. Marc Bothorel explains.
If we take into account the lack of culture in computer security, another point is added to the growing problem: "the murky game of insurers". Indeed, it has been formally observed that insurance companies clearly prefer to pay the ransom demanded by cyber criminals than to find another way to compensate their client. "With the exception of a few specialty insurers, many companies now sell e-insurance for profit," says Bothorel. Risk assessment questionnaires are too declarative. ».
Yet it is possible to protect yourself without spending too much: "Today you can protect yourself at low cost: with an antivirus and an anti-spam, you are already blocking 95% of malicious emails", stresses Marc Bothorel.
Now access an unlimited number of passwords: