French computer security specialists since Wednesday have a computer conclave.
They admitted to having experienced great stress since switching to telework in a massive way. This upheaval of general containment announced to combat the expansion of coronavirus. Despite this many managed to avoid disaster. "When the decision was made to switch to telecommuting in mid-March, we were going back to uncharted territory," says Laurent Célérier, Orange Cyberdefrier's executive vice president of technology and marketing. "The systems had to hold up, we had to open the information systems to allow telework, with this big stress: the attackers are not going to take advantage of it immediately," he recalls.
This article will also interest you: Business safety in a situation where telecommuting and office work must coexist
In a purely technical approach, remote work "has put the activity of companies on certain very specific technological bricks: VPN (which allows remote access to the internal network of his company), video conferencing, and protection of the user post (the laptop used at home)," explains the expert of orange cyberdefense. "The entire cyber community has mobilized around these three topics. Many researchers have started looking for security vulnerabilities in these products, and in fact, a lot of vulnerabilities have been discovered," he adds. Cybercriminals took advantage of all these details to attack the computer systems of companies "that had not patched (fixed vulnerabilities) quickly enough," he adds.
Information system security managers have seen the task become increasingly complicated. This is because of the expansion of shadow IT, still calling parallel computing. A situation akin to a nightmare for computer security specialists.
But the urgency of telecommuting in an increasingly competitive environment has forced companies to open up their systems. The use of computers and apartment smartphones to employees have been involved in the large set of computer park companies. This has increased security vulnerabilities and attack vectors. This is what the general delegate of the Club of Computer Security and Digital Security Experts, CESIN, points out. "There were a lot of problems with data leakage because people were sharing too broadly. We had to bring all the lost files home, and it was quite catastrophic in some cases where people had done anything," he says.
At the level of cybercriminals, it must be said that they have been able to make the most of the Covid-19 pandemic. The panic generated by the disease allowed computer operator to launch and initiate several phishing campaigns, in order to attract Internet users to fraudulent sites to extract personal data. The explosion of e-commerce has also been one of the key points in their cyber-malleting strategy. However, in practice, experts say that cybercriminals have not used new technological terminology. "The technique of attacks itself was nothing out of the ordinary," there was "no novelty in terms of the technology used by hackers," notes Renaud Bidou, one of the European officials of the cybersecurity firm Trend Micro, during a press conference.
A key point has been raised, according to some experts, that containment has not really spread computer attacks that have succeeded. Only isolated cases have been observed in some companies and organizations that have been trapped because attention has been released. Ransomware attacks have cost all affected organizations dearly. Ivan Fontarenski, Thales' head of threat intelligence, said: "It's not related to Covid, it's the cybercriminal business that goes in that direction (…) There are people who pay the ransoms, so it works."
While containment has had consequences in practice, the fact remains that cybercriminals have not relaxed since the beginning of the year. "The attackers didn't stop working, and we're starting to see that there's really a delay in the defense in terms of attack in this area," notes Renaud Bidou of Trend Micro.
Now access an unlimited number of passwords: