The problem of security vulnerabilities
During the containment announced since March, we were confronted with two types of companies.
On the one hand, there were those companies that were well-organized enough to meet the requirements of telework, and those that were not yet well calibrated. This revealed the inadequacy of some companies to adapt more quickly under the best possible conditions. For while employees are to be allowed to work remotely, there is still a need to ensure certain frameworks to secure exchanges, and to protect sensitive information. Unfortunately, many companies have had to pay a high price. Pascal Barcella, the head of the group specializing in IT services for companies, BSO explained his experience with some of its customers: "During the first week of confinement, we were faced with a total of 950 requests for intervention. »
If one can be sure of one thing, it is that hackers are on the lookout. They are looking for every opportunity to implement their strategy and activate their cyber-malveillance plan. Some experts believe that computer attacks have indeed succeeded against the system of some companies, but that cybercriminals may wait a while to activate them. For this purpose, the boss of the BSO group noted: "In fact, hackers know how to use flaws, whether technological or human. So when you ask me"Are they capable of infecting machines and waiting for companies to have a lot of activity again to activate viruses? "I say yes. If they have not infected the machines, they have identified the faults and will be more quickly operational when launching an attack, it is quite possible. All businesses are potentially vulnerable." In other words, the danger of a cyberattack must be seen as something imminent and permanent.Pascal Barcella will add: "With, in front of us, experts not only very technologically gifted but who have also been able to adapt their methods effectively. ».
It has been difficult to raise awareness among executives and employees of companies. With the switch to telecommuting, this has not improved at all, at least that is what the experts, Good Digital Hygiene Practices, have found so far. "There's a lot of communication and awareness about cybersecurity, but it's like the message is getting through without really being assimilated. IT services companies remain seen, first of all, as commercial companies, which want to sell their hardware and services. As a result, our recommendations are not always taken at their true value. says Pascal Barcella. And this is the key to the success of cybercriminals who continue to use virtually the same techniques for years with just a few improvements and adaptations. In some extreme cases, cybercriminals can also be quite sophisticated. and there is no shortage of tools today for this.
In such a context, maintaining telework may be sufficiently problematic. Hence the saving nature of the deconfinement that was announced today. When security measures do not follow, remote collaboration is a risk that could be very damaging to the company in the long run.
Moreover, the fight against cybercrime is not ready to end today. Hackers will continue to adapt and improve as long as there is always money to be made. And this will always be possible in the sense that companies will not invest enough in their IT security, and will not discipline their employees enough."There's money at stake. And so, behind the networks of hackers, I am convinced, very well organized networks whose goal is to raise maximum funds. To do this, they constantly adapt. This is true technologically: they use the dark web, cryptocurrencies… and even turned over the encryption weapon, which had been invented to secure the data! described our expert. Therefore, the problem must be solved on both sides. First, on the business side and the organization of their IT systems and internal and external interactions, and second, on the side of cyber criminals.
Now access an unlimited number of passwords:
