CYBER NEWS
News ARC Data Shield
NAVAL Group a sélectionné ARC Data Shield pour travailler conjointement a la cybersécurité des systèmes embarqués de la marine.
ARC Data Shield est fier d’être sélectionné par NAVAL Group dans le cadre de la CyberTech Navale. Cette reconnaissance met en valeur notre expertise en cybersécurité, notamment nos passerelles réseau innovantes Digital Air Gap.
La collaboration avec NAVAL Group va nous permettre de bénéficier de leur expertises et de leur connaissance des besoins de la marine pour nous permettre d’optimiser notre passerelle Digital Air Gap pour répondre aux attente spécifique au domaine maritime. En nous associant à leurs équipes, nous avons pour ambition de contribuer à protéger les infrastructures critiques embarqués.
Merci à Naval Group pour leur confiance et à tous ceux qui soutiennent notre mission. Restez connectés pour suivre les avancées de ce projet prometteur.
ARC DATA SHIELD et CYBER ICS : Une Alliance Stratégique pour Renforcer la Cybersécurité Industrielle
La société ARC DATA SHIELD, éditeur de solutions de cybersécurité, et la société CYBER ICS, spécialisé en conseil et d’audit en cybersécurité, annoncent leur partenariat stratégique pour renforcer la sécurité dans le domaine industriel.
À l’ère de la numérisation croissante, la sécurité des systèmes industriels est devenue une priorité absolue. Les incidents de cybersécurité dans les environnements industriels peuvent entraîner des conséquences désastreuses, avec des pertes financières considérables et la mise en danger de la sécurité des personnes et la survie des entreprises.
Dans cet esprit, ARC DATA SHIELD et CYBER ICS unissent leurs expertises pour offrir une solution complète de sécurité industrielle.
« Ce partenariat entre ARC DATA SHIELD et CYBER ICS est une étape majeure dans notre engagement commun
envers la sécurité industrielle. Ensemble, nous serons en mesure de fournir des solutions de sécurité avancées,
adaptées aux besoins spécifiques de chaque client. Nous sommes convaincus que notre collaboration renforcera
la protection des systèmes industriels et contribuera à la pérennité des activités de nos clients », explique Arnaud
COMBIER, Président de ARC DATA SHIELD.
En unissant leurs forces, ARC DATA SHIELD et CYBER ICS créent une alliance puissante au service de la sécurité
industrielle. Leur collaboration permettra de développer des solutions intégrées qui combinent les meilleures
pratiques de sécurité informatique et la protection des systèmes de contrôle industriel. Les clients de ARC DATA
SHIELD et CYBER ICS bénéficieront de cette collaboration en ayant accès à une expertise combinée, à des solutions
de pointe et à une assistance technique renforcée.
Pour Romain ALLAIN, Directeur de CYBER ICS, « les produits proposés par ARC DATA SHIELD améliorent le niveau
de sécurité du patrimoine industriel des entreprises, tout en étant accessibles et pertinents. L’équipe de ARC DATA
SHIELD propose un haut niveau d’expertise et leurs valeurs sont en phase avec les nôtres. Nous sommes très
heureux de travailler aux côtés de ARC DATA SHIELD pour notre objectif commun d’aider les entreprises à sécuriser
leurs systèmes industriels avec des produits de qualité d’origine 100% française. »
ARC Data Shield à l’European Cyber Week 2024 : Découvrez nos solutions innovantes pour la cybersécurité
Rennes, 18-21 novembre 2024
Nous sommes ravis d’annoncer notre participation à l’European Cyber Week (ECW) 2024, qui se tiendra au Couvent des Jacobins à Rennes du 18 au 21 novembre. Cet événement rassemble chaque année des experts de la cybersécurité autour des thèmes de l’autonomie stratégique européenne, de l’IA de défense et de la protection des infrastructures numériques critiques.
Un environnement d’innovation pour des solutions de pointe
Dans un contexte de cybermenaces croissantes, nous présenterons nos technologies avancées, dont nos appliances réseau Digital Air Gap brevetées. Ces solutions innovantes apportent un niveau de protection matériel et électronique unique, conforme aux réglementations comme la directive NIS 2, pour garantir la résilience des infrastructures critiques.
Rencontrez-nous à l’ECW 2024 !
Venez rencontrer notre équipe pour découvrir nos innovations en cybersécurité et échanger sur les défis de demain. Ne manquez pas cet événement incontournable et nous vous attendons au stand n°S06 !
ARC Data Shield rejoint le Pôle d’Excellence Cyber
ARC Data Shield rejoint le Pôle d’Excellence Cyber : une nouvelle étape pour renforcer la cybersécurité :
Nous avons le plaisir de vous annoncer qu’ARC Data Shield fait désormais partie du Pôle d’Excellence Cyber ! C’est pour nous un honneur de rejoindre cette communauté dédiée à la cybersécurité. Cette nouvelle étape marque un moment clé dans notre engagement à toujours mieux protéger nos clients et partenaires.
En rejoignant le Pôle d’Excellence Cyber, nous avons l’opportunité de partager notre expertise et de participer activement aux initiatives et actions qu’il organise, toutes tournées vers un même objectif : la sécurité numérique pour tous.
Cette collaboration est pour nous une occasion unique de participer à des projets qui font réellement la différence en matière de sécurité numérique, tout en partageant nos connaissances et en apprenant aux côtés des meilleurs.
Nous sommes impatients de découvrir les prochaines étapes à vos côtés, toujours avec un objectif en tête : garantir la meilleure protection des actifs matériels et des données face aux menaces de demain.
Merci pour votre soutien continu et à très bientôt pour de nouvelles avancées en cybersécurité !
Post Linkedin : linkedin.com/posts/pole-excellence-cyber_cyber-welcome-innovation-activity-7252608052774760448-uiGE?utm_source=share&utm_medium=memb
A great success for us to have been an exhibiting partner at the InCyber Europe Forum (FIC)
The quality of the meetings, the extremely positive feedback from end-users who discovered it, the links with our colleagues, the chance to meet future partners, the large audience for our innovation pitch on the advantages of strong partitioning... in short, 3 intense and fascinating days!
Thank you all for coming to see us.
ARC Data Shield Partner of the FIC- Forum InCyber
To meet us, don't miss the InCyber Europe Forum (FIC), which opens its doors today! We'll be there from March 26 to 28, 2024 at the Lille Grand Palais, on stand F18-30 in the innovation village. This is your chance to discover our innovative solution for solving operational challenges and contributing to a secure digital future.
Cybercrime in 2024: Towards a new era of maturity!
Cybercrime is evolving at breakneck speed, and is becoming increasingly professional. With the emergence of AI and new ultra-high-performance technologies, we can expect a new level of maturity in 2024.
Despite a worsened economic context that is not very conducive to startup financing, the French cybersecurity sector has raised some handsome funds since the beginning of 2023, helping to build a solid security culture within our companies.
ARC Data Shield, Partner of the FIC - Forum InCyber: Meet us at our booth and discover our solutions
We're looking forward to welcoming you to the FIC - Forum InCyber on our stand in the Innovation area. It's a great opportunity to share our breakthrough approach with you, and to discuss your security needs in the face of protocol attacks.
Our team will be there to meet you, understand your specific concerns and present our innovative security solutions: Digital Air Gap network appliances. We firmly believe in the importance of a secure digital environment for your businesses and organizations, and the FIC represents an ideal platform for exchange.
Join us to see demonstrations of use cases for our appliances, and visualize in concrete terms how our solutions can strengthen your company's security. We look forward to sharing this experience with you at the FIC - Forum InCyber.
Inspiring exploration at CES 2024: ARC Data Shield on hand to dive into the heart of global innovation
We're delighted to share our experience at CES 2024 in Las Vegas, where ARC Data Shield actively participated by visiting the show and setting up meetings with exciting players in the cybersecurity industry. As a global showcase for the latest technological innovations, CES was an invaluable source of inspiration and dynamism.
The diversity of the exhibitors and the richness of the discussions reflected the rapid evolution of the cybersecurity sector. We had the opportunity to meet talented colleagues such as Shwett - Hypervision 3D, headed by founder Cédric GIRARD, a member of ADN Ouest like ourselves. This meeting was particularly significant, underlining the strong and numerous links within this network.
The Pays de la Loire region's superb Business France La French Tech pavilion showcased the region's expertise in IT and cybersecurity. The CES experience reinforced our commitment to innovation and collaboration within our ecosystem.
ARC Data Shield at European Cyber Week: A strong commitment and fruitful meetings for enhanced cybersecurity
The ARC Data Shield technical team returned enthusiastically from European Cyber Week! The event was the perfect opportunity to share knowledge, exchange ideas with our peers and strengthen our ties with partners and customers.
We would like to express our gratitude to all those we had the pleasure of meeting and reuniting with during these fruitful exchanges.
This year's European Cyber Week was a resounding success, and we warmly congratulate the organizers and partners on their exceptional welcome.
We were present at the technical seminar of our integrator Arsium
We were delighted to play an active part in this day organized by our integrator partner Arsium, proudly celebrating their two-year anniversary. We were delighted to meet up with Arsium customers and our colleagues from DataCore and Profinet, who helped make the day a memorable one.
We had the pleasure of presenting our solutions to this expert and interested audience.
Many thanks to the Arsium team for their exceptional welcome at Lyon's Groupama Stadium. A day that couldn't have been more successful.
Cybersecurity of industrial systems: A look back at the rich and fascinating day organized by Exera
Just back from a day devoted to the cyber security of industrial systems, remarkably organized by the Exera association. The day was packed with top-quality presentations, creating an ideal setting for exchanges and reunions in the field of industrial cyber. The sharing of experiences by speakers from Stormshield, Seckiot, Eiffage Énergie Systèmes and Siemens provided additional depth, underlining the importance of these meetings in strengthening our knowledge of industrial infrastructure security. Many thanks to all the contributors who helped make this event an invaluable source of inspiration and collaboration.
ARC Data Shield exhibited at VivaTech: It's not a trade show, but a booster for great encounters!
Paris, France - On June 14 and 15, 2023, at the VivaTech trade show, we met with an equally enthusiastic response to our participation. The show enabled the company to meet many interested parties and establish high-quality contacts.
VivaTech was an immersive experience for ARC Data Shield over 2 intense days: a visitor day and an exhibitor day. The two were so complementary.
During the day's visit, the team met some very interesting and open-minded people. The following day, the ARC Data Shield stand in the heart of the Pays de La Loire pavilion, featuring our Digital Air Gap solution, attracted the attention of many qualified visitors. It was an opportunity for our start-up to confirm once again the market's growing interest in solutions for protecting critical assets.
ARC Data Shield's day as an exhibitor on the Pays de la Loire regional pavilion was particularly important. During this day, our team was able to carry out a number of complementary activities: we gave a presentation to international delegations, and exhibited on our stand to present our solutions to very knowledgeable visitors, whether they had come for the pleasure of discovering us, or as many of them had identified us to come and meet us specifically. We were particularly pleased to meet and exchange ideas on a wide range of uses and needs. What's more, we had the pleasure of meeting other promising startups from the Pays de la Loire region.
These days spent at VivaTech were an opportunity to meet new people and discover new opportunities for collaboration.
A big bravo and thank you to the Pays de la Loire region for this incredible organization and for contributing so actively to our technological and digital ecosystem.
ARC Data Shield demonstrates its Digital Air Gap solution at Cybermatinée in Nantes, France
ARC Data Shield took part in the Cybermatinée in Nantes, organized by the newspaper Le Monde Informatique. This major industry event drew a well-informed audience of CIOs and CISOs, who came to listen to solution presentations, round-table discussions on crucial topics and, as a bonus, attend the presentation of our innovative Digital Air Gap solution.
The ARC Data Shield team had prepared enthusiastically for the event. The presentation was a success, and we were delighted by the interest shown in our solution, and in our approach to protecting corporate assets.
Many thanks to the editorial staff of Le Monde Informatique for their invitation.
To find out more about the event, read the article in Le Monde Informatique: https: //www.lemondeinformatique.fr/actualites/lire-cybermatinees-securite-2023-retour-sur-les-temps-forts-90931.html
ARC Data Shield will be presenting its innovative solutions at VivaTech 2023: don't miss the chance to meet our team and discover our products!
We're delighted to announce that ARC Data Shield will be exhibiting at VivaTech, the world's leading event for technological innovation and entrepreneurship, on June 15. Thanks to the support of the Pays de la Loire region, we'll be able to take part in this prestigious event, which runs from the 14th to the 17th at Paris Expo Porte de Versailles.
The show is an opportunity for us to present our innovative network gateway solutions to visitors, offering companies and organizations protection for their tangible and intangible assets against protocol-based attacks.
Taking part in VivaTech is a great opportunity for ARC Data Shield. Every year, this event brings together thousands of entrepreneurs, investors, researchers and industry experts, enabling us to make connections, forge partnerships and present our innovations to a captive and attentive audience. VivaTech is the ideal place to showcase our technological know-how and meet key industry players, while raising our profile on the international stage.
We would like to thank the Pays de la Loire region for its support and confidence. Thanks to its pavilion, we'll be able to benefit from increased visibility and meet key players in the sector. This collaboration testifies to the Region's commitment to innovation and entrepreneurship, and we are proud to represent the Pays de la Loire region at VivaTech.
We warmly invite all our partners, customers and technology enthusiasts to visit us on the Pays de la Loire Region pavilion at stand H10-010. This will be the ideal opportunity to discover our latest innovations, interact with our team and discuss collaboration opportunities. We look forward to meeting you and sharing our enthusiasm for technology and innovation.
Visit us on June 15, 2023 on booth H10-010 at VivaTech Paris Expo Porte de Versailles
Find out more here: https: //app.vivatechnology.com/partner/29aa1b20-dae4-ed11-8e89-000d3a4a8203/arc-data-shield
Cyber news
Directive NIS 2 : une opportunité pour renforcer la résilience face aux cybermenaces croissantes
La directive NIS 2, visant à renforcer la cybersécurité de milliers d’administrations et d’entreprises françaises, entre en vigueur aujourd’hui. Le projet de loi pour sa transposition en droit national a été présenté en conseil des ministres et sera prochainement discuté au Parlement. Cette directive élargit le nombre d’entités concernées, incluant désormais environ 15 000 structures en France, et accroît les exigences en matière de sécurisation des systèmes d’information.
Vincent Strubel, directeur général de l’Anssi, a annoncé une période de trois ans pour que les entités régulées se conforment aux nouvelles obligations, tout en insistant sur l’importance de commencer dès maintenant. Parmi les obligations figurent la réalisation d’analyses de risque, la notification des incidents de sécurité à l’Anssi, le renforcement de la résilience des systèmes IT, et la promotion d’une culture de cybersécurité au sein des organisations. Des sanctions financières significatives sont prévues en cas de non-conformité.
Face aux vagues croissantes de cyberattaques qui menacent potentiellement la survie des entreprises, l’arrivée de NIS 2 doit être saisie comme une opportunité pour renforcer leur robustesse. Les fournisseurs de solutions et les éditeurs sont prêts à accompagner les organisations dans cette transition, offrant des services et des technologies pour améliorer leur résilience. Ainsi, bien que le 17 octobre puisse sembler être une date symbolique, il marque le début d’une nouvelle ère de vigilance et de proactivité en matière de cybersécurité.
Crédits : Le Monde Informatique
Cyberattaque en Allemagne : nécessité d’un cloisonnement fort
Le 1er septembre, les services allemands de la navigation aérienne (DFS) ont été victimes d’une cyberattaque ciblant leur système de communication interne. Bien que le trafic aérien n’ait pas été affecté et que les conséquences semblent limitées pour l’instant, cette attaque a mis en lumière une vulnérabilité critique. Le groupe de hackers pro-russes APT 28, soupçonné d’être à l’origine de l’attaque, est connu pour ses actions de cyberespionnage, avec des liens supposés avec le renseignement militaire russe (GRU).
Cet incident souligne l’impératif de mettre en place un système de cloisonnement strict entre les infrastructures critiques et les systèmes bureautiques. Une telle séparation permettrait de mieux protéger les fonctions vitales du contrôle aérien contre les intrusions malveillantes, en limitant l’accès aux systèmes sensibles et en minimisant les risques de propagation d’une attaque. En renforçant ces barrières, il serait possible de prévenir des conséquences plus graves, comme la perturbation du trafic aérien ou l’exfiltration de données sensibles.
Crédits : Le monde informatique
La nouvelle version du ransomware HardBit 4.0 : Une menace accrue pour la cybersécurité des entreprises
Des chercheurs en cybersécurité ont découvert une nouvelle version du ransomware HardBit, nommée HardBit 4.0, qui utilise une protection par mot de passe pour éviter la détection. Contrairement aux versions précédentes, cette variante nécessite un mot de passe pour s’exécuter correctement, rendant l’analyse plus difficile pour les chercheurs en sécurité. HardBit, apparu pour la première fois en octobre 2022, se distingue par l’absence de site de fuite de données, préférant menacer les victimes de nouvelles attaques pour les forcer à payer.
Le vecteur d’accès initial n’est pas clair, mais pourrait impliquer le brute force des services RDP et SMB. Une fois l’accès obtenu, les attaquants utilisent des outils comme Mimikatz pour le vol d’identifiants et le déplacement latéral via RDP. HardBit désactive les antivirus et services Microsoft Defender, et encrypte les fichiers de l’hôte infecté. Il offre également un mode wiper pour effacer définitivement les fichiers. En 2024, les attaques de ransomware sont en hausse, avec une forte activité des groupes LockBit, Akira, et BlackSuit.
https://thehackernews.com/2024/07/new-hardbit-ransomware-40-uses.html
Crédits : The Hacker news
Cyberattacks: ransomware that's devastating hospitals
Recent attacks have affected several establishments: in February, the Armentières facility saw 18 GB of data published after its servers were encrypted, and in May, the Simone Veil hospital in Cannes suffered a similar attack, with 61 GB of data disclosed. In 2023, reports of ransomware attacks increased, with healthcare establishments accounting for 10% of victims, according to ANSSI.
A report by CERT Santé counts 32 ransomware attacks in 2023, severely disrupting certain structures. France is the European country most affected by these cyberthreats, but only 27% of healthcare establishments have a protection program against ransomware.
The consequences are severe, with medical data being sold on the dark web. Pierre-Antoine Failly Crawford of Varonis reports that a file can sell for 300 euros. However, more and more organizations are refusing to pay ransoms, preferring to restore their systems from backups. CERT Santé notes increased efforts by healthcare establishments in cybersecurity, with a willingness to strengthen their defensive measures.
Credit : Le monde informatique
Ransomware: a growing threat to businesses in 2023
Ransomware affected three out of four businesses in 2023, posing a serious cybersecurity problem. According to the Veeam 2024 Ransomware Trends Report, only 57% of compromised data is restored, leaving 43% of data unrecoverable.
These attacks cause IT breakdowns and unavailability, having a major impact on businesses. Pressure on IT and security teams is increasing, with 45% of professionals reporting increased stress and 26% a loss of productivity. Despite the need for an effective cyber-defense strategy, 63% of companies regret the lack of synchronization between backup and cyber-risk teams.
A majority of 81% of companies paid ransoms, but a third did not recover their data after payment. Cyber insurance, taken out by 86% of companies, covers only 62% of attack-related costs. Data stored in the cloud is just as vulnerable as on-premises data, underlining the need to improve IT infrastructures to prevent cyber attacks.
Credit : IT Social
"Black hat AI versus white hat AI - who's going to win?
In view of the double-edged capabilities of AIs, which are just as good at creating attacks as they are at defending them, should we take preventive measures or continue to expose our critical assets?
Is it urgent to no longer leave critical or sensitive assets accessible, protected only by software security, or to wait and hope that the positive uses of AI will overtake the negative ones?
Excellent article by OnePoint, written with the business intelligence experts at EGE, on the subject.
Credit: Onepoint
The new recommendations in terms of safeguard policy: move from the 3-2-1 strategy, which has become insufficient, to the robust strategy of 3-2-1-1-0.
The 3-2-1 rule recommended three copies of data on two different media with one off-site copy. Initially proposed by Peter Krogh, this rule must adapt to changes in current risks. In an ever-growing and interacting digital landscape, more advanced backup strategies are emerging to meet the needs. Veeam, highlights the 3-2-1-1-0 rule, which meets the objective of ensuring data recovery by diversifying storage copies. By embedding these principles into their practices, organizations can ensure the security and availability of their data in a dynamic digital environment.
Recommendations 3-2-1-1-0:
– 3 Copy of data
– On 2 different media
– Including 1 off-site copy
– And a copy that is physically offline
– And no errors during restoration tests
https://www.veeam.com/blog/321-backup-rule.html
Credit : Veeam
When the best EDR software solutions like Microsoft's can be bypassed, it shows that a hardware solution is the right answer to protect critical assets.
"Until now, cybersecurity tools based on Endpoint Detection and Response technology have been a guarantee of protection against computer attacks. Unfortunately, hackers are now finding ways around it.
Last week, experts from the British government's cybersecurity agency sounded the alarm, declaring that the proliferation of hacking tools is out of control. The news proves them right, as it is one of the best cybersecurity tools on the market offered by Microsoft that is gradually being bypassed by hackers.Known as Endpoint Detection and Response (EDR), this technology is used in high-performance cybersecurity tools. Designed to spot the first signs of malicious activity on all machines serving as endpoints (such as computers) in a computer network, they then block threats before intruders can steal data or lock down machines. ... "
Credit: Antoine BARSACQ - TOM'S GUIDE
Are our companies sufficiently resilient in the face of today's cyber risks?
" Only 7% of French organizations have a sufficiently "mature " cybersecurity posture to defend themselves against the threats of the hybrid world.
Companies have moved from a fixed mode of operation, where employees use devices in a single location via a static network, to a hybrid world where connections are made with multiple devices on different networks, via applications in the cloud, generating huge amounts of data.
This development poses new cybersecurity challenges for businesses. Above all, it highlights the limits of the sacrosanct perimeter defense.
According to the Cisco study "Cybersecurity Readiness Index: Resilience in a Hybrid World", only 7% of organizations in France have the "mature" level of readiness required to be resilient in the face of modern cybersecurity risks. ... "
Credit: Philippe RICHARD - IT SOCIAL
For an SME, dealing with the consequences of a cyber attack can be a daunting task.
" Cobolux was the victim of a violent cyber-attack in November, which it claims cost it almost 500,000 euros.
"The damage is great", Paul Faltz, General Manager of Cobolux, told us at the end of November. His company of around 150 employees, which supplies meat to butchers' shops throughout France and the Greater Region, supermarkets and restaurants, had just been hit by a violent cyber-attack. The attack, which took place on Friday November 25, brought the plant to a standstill for an entire weekend. Nearly three months later, the bill has soared.
While the loss at the time was "already in excess of 100,000 euros", it is now estimated at "between 400,000 and 500,000 euros", according to Paul Faltz, who lists "the production stoppages caused by this attack, the restoration of the network and our ERP (integrated management software), the hours, weeks and months spent by our administrative teams re-encoding the lost data, and the investment in an even more secure IT structure". There had been a ransom demand. "But our very good IT teams were able to react," Cobolux said at the time. ... "
Credit: Nicolas MARTIN - L'Essentiel
Deploying effective cybersecurity solutions is a prerequisite for taking out cyber insurance.
" The government wants to encourage the development of insurance against computer attacks. However, companies need to demonstrate that they have upgraded their IT security to obtain cover. Faced with a phenomenon they are still struggling to grasp, insurers are raising prices and are on their guard.
Small and medium-sized enterprises (SMEs) are well advised to equip themselves with belts and suspenders to secure insurance cover against cyber attacks. At a time when hacker offensives against companies are on the increase, insurers are taking a cautious approach to granting cover.
"Only companies that have invested in IT security and protection tools will be able to insure themselves," warns Christophe Zaniewski, General Manager of AIG in France. However, "basic security procedures are still very rarely implemented by SMEs", laments this long-standing market player.. ...
Credits: Solenn POULLENNEC and Laurent THEVENIN - Les Echos ENTREPRENEURS
AFNOR to fall victim to ransomware cyberattack in February 2021
" On February 18, 2021, Afnor's entire business was brought to a standstill by a computer attack. The Ryuk ransomware had claimed yet another victim. Jean-Marc Aubert, Afnor's CISO, recounts the details of this long-term crisis management.
For the outside world, on the afternoon of February 18, 2021, the Association française de normalisation (AFNOR) modestly refers to technical problem" with its websites. Its press service, fortunately more transparent, mentions the Ryuk ransomware. Behind the scenes, it all began a few hours earlier.
At 8:02 a.m., a message from the technical team alerted Afnor's CIO to a "small" problem: the sudden appearance of .RYK files on the company network. He immediately interrupted his vacation and called Jean-Marc Aubert, Afnor's current CISO, who was then in charge of security. This marked the start of a race against time to block the attack, followed by months of work to get the information system back into production.
Just 18 minutes after the alert began, the CIO and ComEx decided to shut down the entire information system. "All computers were shut down, and everyone went back to paper and pencil," explains Jean-Marc Aubert. "We were in the middle of the Covid phase, and all employees were in lockdown. We call back all ISD staff, and set up a crisis management room. "
All hell breaks loose at AFNOR headquarters
The entire information system is shut down, and the crisis management team quickly gets organized. The IT team calls its contacts for help and handles the reporting aspect of the cyberattack. The Agence nationale de la sécurité des systèmes d'information (Anssi) is notified, as is the insurer. A complaint is lodged with the local police station, and the mandatory declaration to the CNIL is made within 72 hours.Jean-Marc Aubert also turned to the Office central de lutte contre la criminalité liée aux technologies de l'information et de la communication (OCLCTIC), which is familiar with this type of attack on French companies. "Fortunately, we had taken out cyber insurance a year before the attack. Another invaluable asset was the assistance contract we had signed with Airbus Protect, which enabled us to start our crisis management very quickly. And while our first call was to Anssi, the second was to our sales contact at Airbus Protect." "
https://www.lemagit.fr/etude/Ransomware-le-RSSI-de-lAfnor-raconte-la-cyberattaque-de-fevrier-2021
Credit: Alain Clapaud - LeMagIT
Carried along by the flow of excessive digitalization: aren't our 4.0 factories taking too many risks?
" Industrial companies are well aware of the cyber threats facing their connected factories. However, many of them admit they are not ready to defend themselves.
Companies running connected factories all - or almost all - recognize that cybersecurity is an essential component of their operations. But, according to a report published last week by Capgeminimany of them are unprepared for the growing number of cyber threats facing their plants. The report, based on a survey of 950 companies worldwide, finds that 80% agree that cybersecurity is an essential component of running a smart factory, and that while more than half (51%) recognize that the number of cyberattacks is likely to increase over the next 12 months, their current level of preparedness is low.... "
Credit: Jean Elyan - Le Monde Informatique
Cyber-attack threats are on the increase, particularly for manufacturers
" Faced with the proliferation of cyber threats, no company is immune, regardless of its size or field of activity. While digital sectors such as e-commerce have long been prime targets, the world of industry is now in the crosshairs of criminals.
One of the main reasons for this is the obsolescence or weakness of cybersecurity processes that have not been strengthened or even updated for a long time. It's not uncommon for existing systems to continue using the same security protocols as when they were launched, so attacks can quickly and easily interfere with operations. There is a misconception that cyberattacks are becoming increasingly sophisticated or complex; in reality, criminals rely on well-established tactics and look for the most obvious and quickly accessible opportunities.... "
https://www.datasecuritybreach.fr/cybermenace-entreprise/?amp=1
Credit: Damien Bancal - Data Security Breach
Major cyber attack on hospitals in Eastern France
"The Groupement hospitalier de territoire de la région Grand Est has been hacked. As a new method of blackmail, the hackers have put the archive of almost 28 GB of data up for sale on the Darknet for a limited time. When it expires, if it is not sold, passports, medical analyses, bank details, patient files... will circulate freely on the networks.
[...] So, for the moment, it costs $1.3 million to acquire this data data. At least, that's what the hospital group will have to pay, if it doesn't want anyone with malicious intent to buy it. But that's not all, as this is a temporary "Premium" offer. Data is only available at this exclusive rate for one week. After seven days, if no buyer has come forward, the information will be freely distributed on the network. ... "
Credit: Louis Neveu - Futura Tech
Corporate cybersecurity: an important and sometimes even vital issue
"A study by PAC shows that CIOs and CISOs overestimate the IT security maturity of their organizations.
Is it still necessary to stress the importance of IT security in the face of growing cyberthreats? 55% of French companies have been the victim of a cyberattack at least once in the last twelve months, and 30% of them more than once, according to the latest PAC study on cybersecurity. Faced with this constant danger, one might expect companies to do everything in their power to protect themselves. However, the PAC study reveals a catastrophic overestimation of companies' level of IT security maturity. According to the research firm, 41% of French companies are less mature in terms of cybersecuritý than they think, with 53% of companies surveyed declaring a high level of cybersecurity maturity. ... "
Credit: Bertrand Lemaire - Le Monde Informatique