CYBER NEWS
News ARC Data Shield

ARC Data Shield at the Paris Air Show SIAE 2025
From June 16 to 17, 2025, at the Parc des Expositions Paris-Le Bourget (Hall 4 E 167), come and discover how our Digital Air Gap solution and its various specialized versions ensure the resilience of your critical infrastructures and the protection of your backups in the face of major cyber risks such as ransomware.
Come and meet us at our stand, and we'll show you our innovative technology:
- The operation of the "Backup" version of our solution, dedicated to protecting your backups by offline transfer: imperative for countering ransomware and EDR bypasses.
- The operation of the "Transfer" version, dedicated to the creation of isolated networks to protect your R&D, production equipment or other critical assets from attacks and data exfiltration.
- Discuss the many other detailed use cases and all the benefits of our solutions for safeguarding your business.
In a context where every minute of downtime can cost tens of thousands of euros, our Digital Air Gap can be deployed either to protect your assets directly, or to ensure the availability of your backups by storing them physically offline, so you can deploy your recovery and business continuity plans with confidence.
Join us at the SIAE for a relaxed discussion of your business continuity challenges, and leave with an immediately operational action plan.

ARC Data Shield returns to exhibit at Lille's In Cyber 2025 Forum
ARC Data Shield is pleased to announce its participation as an exhibitor at the International Cybersecurity Forum (FIC) 2025, to be held April 1-3, 2025 at the Lille Grand Palais, France.
We invite you to come and discover our innovative Digital Air Gap network gateway solutions on our stand F17-9. Our breakthrough solution is designed to effectively protect your critical assets against cyber threats. Our team of experts will be on hand to discuss current cybersecurity issues and the solutions offered by our technologies.
Join us at FIC 2025 to explore the best strategies for protecting your digital infrastructures.

NAVAL Group has selected ARC Data Shield to work jointly on the cybersecurity of the navy's onboard systems.
ARC Data Shield is proud to have been selected by NAVAL Group as part of the CyberTech Navale program. This recognition highlights our expertise in cybersecurity, in particular our innovative Digital Air Gap network gateways.

Our collaboration with NAVAL Group will enable us to benefit from their expertise and knowledge of naval requirements, so that we can optimize our Digital Air Gap gateway to meet the specific expectations of the maritime sector. By joining forces with their teams, we aim to help protect critical on-board infrastructures.
Thanks to Naval Group for their confidence and to all those who support our mission. Stay tuned to follow the progress of this promising project.


ARC DATA SHIELD and CYBER ICS: A Strategic Alliance to Strengthen Industrial Cybersecurity
ARC DATA SHIELD, a cybersecurity solutions provider, and CYBER ICS, a specialist in cybersecurity consulting and auditing, announce their strategic partnership to strengthen security in the industrial sector.
In an age of increasing digitalization, the security of industrial systems has become a top priority. Cybersecurity incidents in industrial environments can lead to disastrous consequences, with considerable financial losses and jeopardizing the safety of people and the survival of businesses.
With this in mind, ARC DATA SHIELD and CYBER ICS have combined their expertise to offer a complete industrial security solution.
"This partnership between ARC DATA SHIELD and CYBER ICS is a major step forward in our joint commitment to the development of our industry.
to industrial safety. Together, we will be able to provide advanced safety solutions,
tailored to the specific needs of each customer. We are convinced that our collaboration will strengthen
the protection of industrial systems and contribute to the sustainability of our customers' businesses," explains Arnaud
COMBIER, President of ARC DATA SHIELD.
ARC DATA SHIELD and CYBER ICS join forces to create a powerful alliance for security
industry. Their collaboration will enable us to develop integrated solutions that combine the best of both worlds.
security practices and the protection of industrial control systems. ARC DATA customers
SHIELD and CYBER ICS will benefit from this collaboration by gaining access to combined expertise and solutions.
and enhanced technical support.
For Romain ALLAIN, Director of CYBER ICS, "the products offered by ARC DATA SHIELD improve the level of customer service.
security of corporate assets, while remaining accessible and relevant. The ARC DATA team
SHIELD offers a high level of expertise and their values are in line with ours. We are very
pleased to be working alongside ARC DATA SHIELD towards our common goal of helping companies to secure their future.
their industrial systems with quality products of French 100% origin."

ARC Data Shield at European Cyber Week 2024: Discover our innovative solutions for cybersecurity
Rennes, November 18-21, 2024
We are delighted to announce our participation in European Cyber Week (ECW) 2024, to be held at the Couvent des Jacobins in Rennes from November 18 to 21. Each year, this event brings together cybersecurity experts around the themes of European strategic autonomy, defense AI and the protection of critical digital infrastructures.
An innovative environment for cutting-edge solutions
Against a backdrop of increasing cyberthreats, we will be presenting our advanced technologies, including our patented Digital Air Gap network appliances. These innovative solutions provide a unique level of hardware and electronic protection, compliant with regulations such as the NIS 2 directive, to ensure the resilience of critical infrastructures.
Meet us at ECW 2024!
Come and meet our team to discover our innovations in cybersecurity and discuss the challenges of tomorrow. We look forward to seeing you at stand n°S06!
ARC Data Shield joins the Cyber Center of Excellence

ARC Data Shield joins the Pôle d'Excellence Cyber: a new step to strengthen cybersecurity :
We are pleased to announce thatARC Data Shield is now part of the Cyber Center of Excellence ! We are honored to join this community dedicated to cybersecurity. This new step marks a key moment in our commitment to provide ever-greater protection for our customers and partners.
By joining the Pôle d'Excellence Cyber, we have the opportunity to share our expertise and actively participate in the initiatives and actions it organizes, all geared towards the same goal: digital security for all.
For us, this collaboration is a unique opportunity to take part in projects that make a real difference to digital security, while sharing our knowledge and learning alongside the best.
We look forward to working with you on the next steps, always with one objective in mind: to guarantee the best possible protection for hardware assets and data in the face of tomorrow's threats.
Thank you for your continued support, and see you soon for new advances in cybersecurity!
Linkedin post: linkedin.com/posts/pole-excellence-cyber_cyber-welcome-innovation-activity-7252608052774760448-uiGE?utm_source=share&utm_medium=memb


A great success for us to have been an exhibiting partner at the InCyber Europe Forum (FIC)

The quality of the meetings, the extremely positive feedback from end-users who discovered it, the links with our colleagues, the chance to meet future partners, the large audience for our innovation pitch on the advantages of strong partitioning... in short, 3 intense and exciting days!
Thank you all for coming to see us.

ARC Data Shield Partner of the FIC- Forum InCyber
To meet us, don't miss the InCyber Europe Forum (FIC), which opens its doors today! We'll be there from March 26 to 28, 2024 at the Lille Grand Palais, on stand F18-30 in the innovation village. This is your chance to discover our innovative solution for solving operational challenges and contributing to a secure digital future.
Cybercrime in 2024: Towards a new era of maturity!
Cybercrime is evolving at breakneck speed, and is becoming increasingly professional. With the emergence of AI and new high-performance technologies, we can expect a new level of maturity in 2024.
Despite a deteriorating economic climate that is not very conducive to startup financing, the French cybersecurity sector has raised some handsome funds since the start of 2023, helping to build a solid security culture within our companies.

ARC Data Shield, Partner of the FIC - Forum InCyber: Meet us at our booth and discover our solutions
We're looking forward to welcoming you to the FIC - Forum InCyber on our stand in the Innovation area. It's a great opportunity to share our breakthrough approach with you, and to discuss your security needs in the face of protocol attacks.
Our team will be there to meet you, understand your specific concerns and present our innovative security solutions: Digital Air Gap network appliances. We firmly believe in the importance of a secure digital environment for your businesses and organizations, and the FIC represents an ideal platform for exchange.
Join us to see demonstrations of use cases for our appliances, and visualize in concrete terms how our solutions can strengthen your company's security. We look forward to sharing this experience with you at the FIC - Forum InCyber.

Inspiring exploration at CES 2024: ARC Data Shield on hand to dive into the heart of global innovation

We're delighted to share our experience at CES 2024 in Las Vegas, where ARC Data Shield actively participated by visiting the show and setting up meetings with exciting players in the cybersecurity industry. As a global showcase for the latest technological innovations, CES was an invaluable source of inspiration and dynamism.
The diversity of the exhibitors and the richness of the discussions reflected the rapid evolution of the cybersecurity sector. We had the opportunity to meet talented colleagues such as Shwett - Hypervision 3D, headed by founder Cédric GIRARD, a member of ADN Ouest like ourselves. This meeting was particularly significant, underlining the strong and numerous links within this network.
The Pays de la Loire region's superb Business France La French Tech pavilion showcased the region's expertise in IT and cybersecurity. The CES experience reinforced our commitment to innovation and collaboration within our ecosystem.

ARC Data Shield at European Cyber Week: A strong commitment and fruitful meetings for enhanced cybersecurity
The ARC Data Shield technical team returned enthusiastically from European Cyber Week! The event was the perfect opportunity to share knowledge, exchange ideas with our peers and strengthen our ties with partners and customers.
We would like to express our gratitude to all those we had the pleasure of meeting and reuniting with during these fruitful exchanges.
This year's European Cyber Week was a resounding success, and we warmly congratulate the organizers and partners on their exceptional welcome.

We were present at the technical seminar of our integrator Arsium
We were delighted to play an active part in this day organized by our integrator partner Arsium, proudly celebrating their two-year anniversary. We were delighted to meet up with Arsium customers and our colleagues from DataCore and Profinet, who helped make the day a memorable one.
We had the pleasure of presenting our solutions to this expert and interested audience.
Many thanks to the Arsium team for their exceptional welcome at Lyon's Groupama Stadium. A day that couldn't have been more successful.

Cybersecurity of industrial systems: A look back at the rich and fascinating day organized by Exera
Just back from a day devoted to the cyber security of industrial systems, remarkably organized by the Exera association. The day was packed with top-quality presentations, creating an ideal setting for exchanges and reunions in the field of industrial cyber. The sharing of experiences by speakers from Stormshield, Seckiot, Eiffage Énergie Systèmes and Siemens provided additional depth, underlining the importance of these meetings in strengthening our knowledge of industrial infrastructure security. Many thanks to all the contributors who helped make this event an invaluable source of inspiration and collaboration.

ARC Data Shield exhibited at VivaTech: It's not a trade show, but a booster for great encounters!
Paris, France - On June 14 and 15, 2023, at the VivaTech trade show, we met with an equally enthusiastic response to our participation. The show enabled the company to meet many interested parties and establish high-quality contacts.
VivaTech was an immersive experience for ARC Data Shield over 2 intense days: a visitor day and an exhibitor day. The two were so complementary.
During the day's visit, the team met some very interesting and open-minded people. The following day, the ARC Data Shield stand in the heart of the Pays de La Loire pavilion, featuring our Digital Air Gap solution, attracted the attention of many qualified visitors. It was an opportunity for our start-up to confirm once again the market's growing interest in solutions for protecting critical assets.
ARC Data Shield's day as an exhibitor on the Pays de la Loire regional pavilion was particularly important. During this day, our team was able to carry out a number of complementary activities: we gave a presentation to international delegations, and exhibited on our stand to present our solutions to very knowledgeable visitors, whether they had come for the pleasure of discovering us, or as many of them had identified us to come and meet us specifically. We were particularly pleased with all these meetings and exchanges around numerous use cases and needs. And what's more, we had the pleasure of meeting other promising startups from the Pays de la Loire region.
These days spent at VivaTech were an opportunity to meet new people and discover new opportunities for collaboration.
A big bravo and thank you to the Pays de la Loire region for this incredible organization and for contributing so actively to our technological and digital ecosystem.

ARC Data Shield demonstrates its Digital Air Gap solution at Cybermatinée in Nantes, France

ARC Data Shield took part in the Cybermatinée in Nantes, organized by the newspaper Le Monde Informatique. This major industry event drew a well-informed audience of CIOs and CISOs, who came to listen to solution presentations, round-table discussions on crucial topics and, as a bonus, attend the presentation of our innovative Digital Air Gap solution.
The ARC Data Shield team had prepared enthusiastically for the event. The presentation was a success, and we were delighted by the interest shown in our solution, and in our approach to protecting corporate assets.
Many thanks to the editorial staff of Le Monde Informatique for their invitation.
To find out more about this event, read the article in Le Monde Informatique : https://www.lemondeinformatique.fr/actualites/lire-cybermatinees-securite-2023-retour-sur-les-temps-forts-90931.html

ARC Data Shield will be presenting its innovative solutions at VivaTech 2023: don't miss the chance to meet our team and discover our products!
We're delighted to announce that ARC Data Shield will be exhibiting at VivaTech, the world's leading event for technological innovation and entrepreneurship, on June 15. Thanks to the support of the Pays de la Loire Region, we'll be able to take part in this prestigious event, which runs from the 14th to the 17th at Paris Expo Porte de Versailles.
The show is an opportunity for us to present our innovative network gateway solutions to visitors, offering companies and organizations protection for their tangible and intangible assets against protocol-based attacks.
Taking part in VivaTech is a great opportunity for ARC Data Shield. Every year, this event brings together thousands of entrepreneurs, investors, researchers and industry experts, enabling us to make connections, forge partnerships and present our innovations to a captive and attentive audience. VivaTech is the ideal place to showcase our technological know-how and meet key industry players, while raising our profile on the international stage.
We would like to thank the Pays de la Loire region for its support and confidence. Thanks to its pavilion, we'll be able to benefit from increased visibility and meet key players in the sector. This collaboration testifies to the Region's commitment to innovation and entrepreneurship, and we are proud to represent the Pays de la Loire region at VivaTech.
We warmly invite all our partners, customers and technology enthusiasts to visit us on the Pays de la Loire Region pavilion at stand H10-010. This will be the ideal opportunity to discover our latest innovations, interact with our team and discuss collaboration opportunities. We look forward to meeting you and sharing our enthusiasm for technology and innovation.
Visit us on June 15, 2023 on booth H10-010 at VivaTech Paris Expo Porte de Versailles
Find out more here: https://app.vivatechnology.com/partner/29aa1b20-dae4-ed11-8e89-000d3a4a8203/arc-data-shield
Cyber news

SentinelOne's BDU out, Babuk in
AON researchers demonstrated on May 7, 2025 how a hacker, after exploiting an application flaw, bypassed the SentinelOne EDR's anti-tamper protection to uninstall the Windows agent and deploy a variant of the Babuk ransomware.
By exploiting the agent's unauthenticated upgrade/downgrade, the attacker neutralized all detection, leaving the compromised server at the mercy of malicious encryption.
SentinelOne was quick to react: local passphrase activated by default, authentication of updates and reinforced installation authorization via its console.

But, as Stroz Friedberg warns, these patches are no substitute for a defense-in-depth strategy.
In the face of constantly evolving circumvention methods, regular, isolated (physically offline) backups remain the last bastion of business continuity.
In addition to instant patches, investing in redundant solutions and frequently testing restoration procedures is now a must for controlling the risk of ransomware.
Credits : Le Monde Informatique " SentinelOne's EDR neutralized to install a variant of the Babuk ransomware"

Cyberattack on fintech Harvest: paralysis and data leakage
In February 2025, French fintech Harvest suffered a major ransomware cyberattack, completely paralyzing its digital services, including its official website and customer access via VPN. According to specialist magazine LeMagIT, the incident began with a targeted intrusion exploiting a vulnerability in the company's cloud infrastructure, causing a total disruption to its systems for several days. Numerous financial services offered by Harvest, including investment and wealth management platforms, were severely affected.

This cyberattack resulted in the leakage of customer and employee data. Faced with this critical situation, Harvest immediately mobilized its technical teams and called in external experts to contain the attack and gradually restore its IT systems. In compliance with European RGPD regulations, client companies had to quickly notify the CNIL in order to report this data breach.
Credit : LeMagIT.frCyberhebdo of March 7, 2025: an exceptionally violent week.

NIS 2 Directive: an opportunity to strengthen resilience in the face of growing cyberthreats
The NIS 2 directive, aimed at reinforcing the cybersecurity of thousands of French administrations and businesses, comes into force today. The bill for its transposition into national law has been presented to the Council of Ministers and will shortly be debated in Parliament. This directive extends the number of entities concerned, now including some 15,000 structures in France, and increases the requirements for securing information systems.
Vincent Strubel, Director General of Anssi, announced a three-year period for regulated entities to comply with the new obligations, while stressing the importance of starting now. Obligations include conducting risk analyses, reporting security incidents to Anssi, strengthening the resilience of IT systems, and promoting a culture of cybersecurity within organizations. Significant financial penalties are provided for in the event of non-compliance.
With increasing waves of cyber-attacks potentially threatening the survival of businesses, the arrival of NIS 2 must be seized as an opportunity to strengthen their robustness. Solution providers and editors are ready to support organizations in this transition, offering services and technologies to enhance their resilience. So, while October 17 may seem a symbolic date, it marks the beginning of a new era of vigilance and proactivity in cybersecurity.
Credits : Le Monde Informatique

Cyberattack in Germany: the need for strong compartmentalization
On September 1, the German Air Navigation Service (DFS) was the victim of a cyber attack targeting its internal communications system. Although air traffic was not affected and the consequences appear to be limited for the time being, this attack has highlighted a critical vulnerability. The pro-Russian hacker group APT 28, suspected of being behind the attack, is known for its cyber espionage activities, with alleged links to Russian military intelligence (GRU).

This incident highlights the need for a strict partitioning system between critical infrastructures and office systems. Such a separation would better protect vital air traffic control functions from malicious intrusion, by limiting access to sensitive systems and minimizing the risk of an attack spreading. By reinforcing these barriers, it would be possible to prevent more serious consequences, such as the disruption of air traffic or the exfiltration of sensitive data.
Credits : The computer world

The new version of the HardBit 4.0 ransomware: An increased threat to corporate cybersecurity
Cybersecurity researchers have discovered a new version of HardBit ransomware, named HardBit 4.0, which uses password protection to avoid detection. Unlike previous versions, this variant requires a password to run correctly, making analysis more difficult for security researchers. HardBit, which first appeared in October 2022, is distinguished by the absence of a data leak site, preferring to threaten victims with new attacks to force them to pay.

The initial access vector is unclear, but could involve brute force of RDP and SMB services. Once access has been gained, attackers use tools such as Mimikatz for credential theft and lateral movement via RDP. HardBit disables antivirus and Microsoft Defender services, and encrypts files on the infected host. It also offers a wiper mode for permanent file deletion. In 2024, ransomware attacks are on the rise, with strong activity from the LockBit, Akira and BlackSuit groups.
https://thehackernews.com/2024/07/new-hardbit-ransomware-40-uses.html
Credits : The Hacker news

Cyberattacks: ransomware that's devastating hospitals
Recent attacks have affected several facilities: in February, the Armentières facility saw 18GB of data published after its servers were encrypted, and in May, the Simone Veil hospital in Cannes suffered a similar attack, with 61GB of data disclosed. In 2023, reports of ransomware attacks increased, with healthcare establishments accounting for 10% of victims, according to ANSSI.

A report by CERT Santé counts 32 ransomware attacks in 2023, severely disrupting certain structures. France is the European country most affected by these cyberthreats, but only 27% of healthcare establishments have a protection program against ransomware.
The consequences are severe, with medical data being sold on the dark web. Pierre-Antoine Failly Crawford of Varonis reports that a file can sell for 300 euros. However, more and more organizations are refusing to pay ransoms, preferring to restore their systems from backups. CERT Santé notes increased efforts by healthcare establishments in cybersecurity, with a willingness to strengthen their defensive measures.
Credit : The computer world

Ransomware: a growing threat to businesses in 2023
Ransomware has affected three out of four companies in 2023a serious cybersecurity problem. According to the Veeam 2024 Ransomware Trends Report, only 57 % of compromised data is restored, leaving 43 % irrecoverable data.
These attacks cause IT breakdowns and unavailability, having a major impact on businesses. Pressure on IT and security teams is increasing, with 45 % of professionals reporting increased stress and 26 % a loss of productivity. Despite the need for an effective cyber-defense strategy, 63 % of companies regret the lack of synchronization between backup and cyber-risk teams.
A majority of 81 % of companies have paid ransomsbut a third did not recover their data after payment. Cyber insurance, taken out by 86 % of companies, covers only 62 % of the costs associated with attacks. Data stored in the cloud is also vulnerable than those on site, underlining the need to improve IT infrastructures to prevent cyber-attacks.
Credit : IT Social

"Black hat AI versus white hat AI - who's going to win?
In view of the double-edged capabilities of AIs, which are as good at creating attacks as they are at defending them, should we take preventive measures or continue to expose our critical assets?

Is it urgent to no longer leave critical or sensitive assets accessible, protected only by software security, or to wait and hope that the positive uses of AI will overtake the negative ones?
Excellent article by OnePoint, written with the business intelligence experts at EGE, on the subject.
Credit : Onepoint

New recommendations in terms of backup policy: move from the 3-2-1 strategy, which has become insufficient, to the robust 3-2-1-1-0 strategy.
The 3-2-1 rule recommended three copies of data on two different media, with one copy off-site. Initially proposed by Peter Krogh, this rule needs to adapt to today's evolving risks. In a digital landscape that is constantly growing and interacting, more advanced backup strategies are emerging to meet these needs. Veeam, for example, promotes the 3-2-1-1-0 rule, which meets the objective of ensuring data recovery by diversifying storage copies. By integrating these principles into their practices, companies can guarantee the security and availability of their data in a dynamic digital environment.
Recommendations 3-2-1-1-0:
- 3 copying data
- On 2 different media
- Including 1 off-site copy
- And a physically offline copy
- And no errors during restoration tests
https://www.veeam.com/blog/321-backup-rule.html
Credit : Veeam

When the best EDR software solutions like Microsoft's can be bypassed, it shows that a hardware solution is the right answer to protect critical assets.
"Until now, cybersecurity tools based on Endpoint Detection and Response technology have been a guarantee of protection against computer attacks. Unfortunately, hackers are now finding ways around it.
Last week, experts from the British government's cybersecurity agency sounded the alarm, declaring that the proliferation of hacking tools is out of control. The news proves them right, as one of the best cybersecurity tools on the market, offered by Microsoft, is gradually being bypassed by hackers.Called Endpoint Detection and Response (EDR), literally endpoint detection and response in the language of Molière, this technology is used in high-performance cybersecurity tools. Designed to spot the first signs of malicious activity on all machines that serve as endpoints (such as computers) in a computer network, they then block threats before intruders can steal data or lock down machines. ... "
Credit : Antoine BARSACQ - TOM'S GUIDE

Are our companies sufficiently resilient in the face of today's cyber risks?
" Only 7% of French organizations have a sufficient cybersecurity posture " mature " to defend against the threats of the hybrid world.
Companies have moved from a fixed mode of operation, where employees use devices in a single location via a static network, to a hybrid world where connections are made with multiple devices on different networks, via applications in the cloud, generating huge amounts of data.
This development poses new cybersecurity challenges for businesses. Above all, it highlights the limits of the sacrosanct perimeter defense.
According to the Cisco study "Cybersecurity Readiness Index: Resilience in a Hybrid World", only 7 % of organizations in France have the "mature" level of readiness needed to be resilient in the face of modern cybersecurity risks. ... "
Credit : Philippe RICHARD - IT SOCIAL

For an SME, dealing with the consequences of a cyber attack can be a daunting task.
" Vhe victim of a violent cyber-attack in November, Cobolux claims that it cost the company almost 500,000 euros.
"The damage is great", Paul Faltz, General Manager of Cobolux, told us at the end of November. His company of around 150 employees, which supplies meat to butchers' shops throughout France and the Greater Region, supermarkets and restaurants, had just been hit by a violent cyber-attack. The attack, which took place on Friday November 25, brought the plant to a standstill for an entire weekend. Nearly three months later, the bill has soared.
While the loss at the time was "already in excess of 100,000 euros", it is now estimated at "between 400,000 and 500,000 euros", according to Paul Faltz, who lists "the production stoppages caused by this attack, the restoration of the network and our ERP (integrated management software), the hours, weeks and months spent by our administrative teams re-encoding the lost data, and the investment in an even more secure IT structure". There had been a ransom demand. "But our very good IT teams were able to react", Cobolux explained at the time. ... "
Credit : Nicolas MARTIN - L'Essentiel

Deploying effective cybersecurity solutions is a prerequisite for taking out cyber insurance.
" The government wants to encourage the development of insurance against computer attacks. However, companies need to demonstrate that they have upgraded their IT security to obtain cover. Faced with a phenomenon they are still struggling to grasp, insurers are raising prices and are on their guard..
Small and medium-sized enterprises (SMEs) are well advised to equip themselves with belts and suspenders to secure insurance cover against cyber attacks. At a time when hacker offensives against companies are on the increase, insurers are taking a cautious approach to granting cover.
"Only companies that have invested in IT security and protection tools will be able to insure themselves," warns Christophe Zaniewski, General Manager of AIG in France. However, "basic security procedures are still very rarely implemented by SMEs", laments this long-standing market player.. …
Credits : Solenn POULLENNEC and Laurent THEVENIN - Les Echos ENTREPRENEURS

AFNOR to fall victim to ransomware cyberattack in February 2021
" On February 18, 2021, Afnor's entire business was brought to a standstill by a computer attack. The Ryuk ransomware had claimed yet another victim. Jean-Marc Aubert, Afnor's CISO, recounts the details of this long-term crisis management.
For the outside world, on the afternoon of February 18, 2021, the Association française de normalisation (AFNOR) speaks modestly of a "technical problem" with its websites. Its press service, fortunately more transparent, mentions the Ryuk ransomware. Behind the scenes, it all began a few hours earlier.
At 8:02 a.m., a message from the technical team alerted Afnor's CIO to a "small" problem: the sudden appearance of .RYK files on the company network. He immediately interrupted his vacation and called Jean-Marc Aubert, Afnor's current CISO, who was then in charge of security. This marked the start of a race against time to block the attack, followed by months of work to get the information system back into production.
Just 18 minutes after the alert began, the CIO and ComEx decided to shut down the entire information system. "All computers were shut down, and everyone went back to paper and pencil," explains Jean-Marc Aubert. "We're in the middle of the Covid phase, and all employees are under lockdown. We call back all IT Department staff, and set up a crisis management room. "
All hell breaks loose at AFNOR headquarters
The entire information system is shut down, and the crisis management team quickly gets organized. The IT team calls its contacts for help and handles the reporting aspect of the cyberattack. The Agence nationale de la sécurité des systèmes d'information (Anssi) is notified, as is the insurer. A complaint is lodged with the local police station, and the mandatory declaration to the CNIL is made within 72 hours.Jean-Marc Aubert also turned to the Office central de lutte contre la criminalité liée aux technologies de l'information et de la communication (OCLCTIC), which is familiar with this type of attack on French companies. "Fortunately, we had taken out cyber insurance a year before the attack. Another invaluable asset was the assistance contract we had signed with Airbus Protect, which enabled us to start our crisis management very quickly. And while our first call was to Anssi, the second was to our sales contact at Airbus Protect." "
https://www.lemagit.fr/etude/Ransomware-le-RSSI-de-lAfnor-raconte-la-cyberattaque-de-fevrier-2021
Credit : Alain Clapaud - LeMagIT

Carried along by the flow of excessive digitalization: aren't our 4.0 factories taking too many risks?
" Industrial companies are well aware of the cyber threats facing their connected factories. However, many of them admit that they are not ready to defend themselves.
Companies running connected factories all - or almost all - recognize that cybersecurity is an essential component of their operations. But this is not the case, according to a report published last week by CapgeminiHowever, many of them are unprepared for the growing number of cyber threats facing their plants. The report, based on a survey of 950 companies worldwide, finds that 80 % of them agree that cybersecurity is an essential component of running a smart factory, and that while more than half (51 %) recognize that the number of cyberattacks is likely to increase over the next 12 months, their current level of preparedness is low. ... "
Credit : Jean Elyan - Le Monde Informatique

Cyber-attack threats are on the increase, especially for manufacturers
" Faced with the proliferation of cyber threats, no company is immune, regardless of its size or field of activity. While digital sectors such as e-commerce have long been prime targets, the world of industry is now in the crosshairs of criminals.
One of the main reasons for this is the obsolescence or weakness of cybersecurity processes that have not been strengthened or even updated for a long time. It's not uncommon for existing systems to continue using the same security protocols as when they were launched, so attacks can quickly and easily interfere with operations. There is a misconception that cyber-attacks are becoming increasingly sophisticated or complex; in reality, criminals rely on well-established tactics and look for the most obvious and quickly accessible opportunities.. ... "
https://www.datasecuritybreach.fr/cybermenace-entreprise/?amp=1
Credit : Damien Bancal - Data Security Breach

Major cyber attack on hospitals in Eastern France
"The Groupement hospitalier de territoire de la région Grand Est has been hacked. As a new method of blackmail, the hackers have put the archive of almost 28 GB of data up for sale on the Darknet for a limited time. When it expires, if it is not sold, passports, medical analyses, bank details, patient files... will circulate freely on the networks.
[...] For the moment, it costs $1.3 million to purchase these data. At least, that's what the hospital group will have to pay if it doesn't want to be bought out by the wrong people. But that's not all, as this is a temporary "Premium" offer. Data is only available at this exclusive rate for one week. After seven days, if no buyer has come forward, the information will be freely distributed on the network... "
Credit : Louis Neveu - Futura Tech

Corporate cybersecurity: an important and sometimes even vital issue
"A study by PAC shows that CIOs and CISOs overestimate the IT security maturity of their organizations.
Is it still necessary to emphasize the importance of IT security in the face of growing cyberthreats? 55% of French companies have been victims of a cyberattack at least once in the last twelve months, and 30 % of them more than once, according to the latest PAC study on cybersecurity. Faced with this constant danger, one might expect companies to do everything in their power to protect themselves. However, the PAC study reveals a catastrophic overestimation of companies' level of IT security maturity. According to the research firm, 41 % of French companies are less mature in terms of cybersecuritý than they think, with 53% of companies surveyed declaring a high level of cybersecurity maturity. ... "
Credit : Bertrand Lemaire - Le Monde Informatique