The International Cybersecurity Forum (FIC), high mass of the sector, brings together from Wednesday in Lille, in the north of France, experts, specialized companies and “ethical” hackers to discuss the rise in attacks and the means of answer to.
Each year, cybercriminals without borders carry out hundreds of millions of digital attacks, both against individuals and against large companies or communities.
Their modi operandi most often consist of asking for a ransom after having locked or stolen data, reselling it on the “dark web” (the most difficult to access part of the internet, editor’s note) to the highest bidder, or even convincing their victims, by a phishing email, to click on links to, for example, steal their bank codes and make a transfer for their benefit.
Cybersecurity company Trend Micro detected 4 million ransomware threats in Q3 2022, up 22% year-on-year.
Awareness is gradually spreading in France, where many organizations have not yet taken sufficient protective measures.
The FIC, which lasts three days and where 15,000 visitors are expected, is held in the midst of a cyberattack against the city of Lille, which on March 1 recognized a major theft of personal data, in particular of its agents, with a ransom demand. Quite a symbol of the expansion of this threat to the whole of society.
Hence the desire of the French Agency for the Security of Information Systems (Anssi) to distribute turnkey solutions to all, as explained to AFP by its new director general Vincent Strubel.
“Dark chatGPT”
Potential weapons, “artificial intelligence tools like chatGPT offer criminals new opportunities”, reported the European Police Agency Europol at the end of March.
The chatbot could be used to craft particularly believable phishing emails or to create malware.
AIs capable of copying voices and faces have also been used for “vishing” – phone phishing – to pose as bosses and request emergency transfers of several million euros.
Europol also fears the spread of large language models available on the “dark web” without protection and trained with harmful data, “dark chatGPT”.
However, cybersecurity experts too could rely on AI to spot threats.
Other new vulnerabilities: connected objects, from speakers to smart cars, with risks not only of data theft but also of breakdowns and even accidents.
Poorly protected organizations, as communities or hospitals often are, have become prime targets, even if they rarely pay ransoms in France.
Massively affected, companies sometimes resign themselves to paying a ransom – one in five in France, estimated the British insurer Hiscox in 2020.
Often, they do not recover: nearly one in two SMEs that have lost their data go bankrupt within 12 months, according to Hiscox.
Cyberattacks by states or “hacktivists” are also on the rise, but Ukraine has shown that a country can defend itself against massive attacks, such as those launched by Russia against its infrastructure.
The moment most feared by the French authorities remains that of the Paris 2024 Olympics, which are likely to attract all hackers. In February, cybersecurity expert Damien Bancal spotted hackers on the “darknet” who were proposing to use a flaw discovered on a site linked to the Games, he told Challenges magazine.
More and more organizations are therefore becoming aware of the importance of investing in cybersecurity. According to Gartner, this market will reach 267 billion dollars in 2026 against 172 billion in 2022. But the global cost of damage from cyberattacks will reach 10,000 billion, according to McKinsey.
This year, the FIC will be opened by the European commissioner Thierry Breton but boycotted by the services of the State, after the revelation of dubious practices of influence of its co-organizer, the firm Avisa Partners.