The digital revolution is transforming our economy on a scale that we’ve never seen before. Industrial systems are becoming more and more reliant on technology, with an increasing number of them being hyperconnected. But with new technology comes new threats. Major economic players are now the target of choice for cyberattackers, so it’s more important than ever to find solutions to protect businesses and, above all, our most vital operations.
The 14th edition of the World Economic Forum’s Global Risks Report revealed how highly dependent businesses are on technology and how that is making them more vulnerable. “There were further massive data breaches in 2018, new hardware weaknesses were revealed, and research pointed to the potential uses of artificial intelligence to engineer more potent cyberattacks,” the report stated.
US-based think tank Center for Strategic and International Studies (CSIS) estimates that cyberattacks cost the world $600 billion every year – 0.8% of the global GDP.
According to the World Economic Forum, these threats “are being caused by the deepening integration of digital technologies” in critical infrastructure and at a national level. The French government platform Cybermalveillance.gouv.fr published its first assessment two years after it was launched, confirming the magnitude of the threat. In 2018 alone, there were 28,855 victims of cyberattacks. Of these, 3650 were businesses, which are particularly vulnerable to the effects of server breaches, phishing and viruses. Operators of Vital Importance (OVIs) are no exception.
The security of sensitive industrial and corporate systems was the core topic in discussions between stakeholders in the digital world at the International Cybersecurity Forum 2019 in Lille, France. “Don’t keep cybersecurity in your blind spot,” affirmed Guillaume Poupard, the head of the French National Cybersecurity Agency (ANSSI).
Huge risks facing OVIs
OVIs are defined as public or private operators with systems of such importance that if compromised in any way as a result of hacking, sabotage or terrorism, this could seriously endanger the country’s economic potential, ability to wage war, security or survival capacity, or seriously jeopardize the health or lives of its population. OVIs are divided into 12 sectors, such as food, health, state military activities, space and research, and industry.
There are plenty of reasons behind cyberattacks: stealing intellectual property or sensitive data, espionage, sabotage, hacktivism, the list goes on. Companies could be hit financially, their reputation could be damaged, and customers and partners could end up losing trust in them. “The financial cost far exceeds replacing computer stations or completely redesigning systems,” ANSSI concluded.
Ransomware (53%), spyware (47%) and malware that wipes out data (43%) were the most widespread types of attack that have hit businesses in France, according to a study by Infropro.
Many computer attacks identified by ANSSI aim to seize control of a computer system remotely. If a cyberattack becomes public knowledge, the impact on the company’s image and credibility can be extremely damaging. “Cyberattackers choose different types of attacks to achieve their objective, depending on their target’s level of protection and the context,” ANSSI determined.
Solutions to guarantee security
Hackers adapt their attack to how well their target is protected and what they want to achieve. They typically exploit well-known vulnerabilities and security weaknesses in IT systems – from poor configuration to a failure to install updates.
To tackle this growing threat, the Military Planning Act (Loi de Programmation Militaire) imposes certain cybersecurity regulations on . , for example, requires them to implement measures to strengthen their security. To protect their IT systems and comply with French legislation, OVIs must turn to providers that can provide them with tools offering the highest level of security possible.
SecNumCloud – the mark of confidence
The Oodrive Group is the first cloud service provider to obtain the ANSSI Security Visa, under the SecNumCloud label. Oodrive offers three private cloud solutions certified by SecNumCloud: iExtranet, PostFiles, and BoardNox. The group can provide its customers, OVIs, and public authorities with qualified solutions that meet the security requirements recommended by ANSSI.