The health crisis has led to a significant increase in the number of computer attacks targeting websites. In a press release published at the end of 2020, ANSSI reminds us that it is possible to protect against these threats by applying its recommendations presented in the "Guide d'hygiène informatique" and the "Note sur la sécurisation des sites web". An update on the increase in cyber-attacks.
More and more malicious acts
Against the backdrop of the global health crisis, the cyber risk has really intensified: fraudulent e-commerce, phishing, leakage of confidential data, theft of personal data... Malicious actions are multiplying and are mainly targeting companies that are spreading teleworking without having the time, for some, to prepare it securely.
In a study published in November 2020 by broker Bessé on the impact of the cyber crisis on the valuation of unlisted companies, the specialist notes that the number of cyber attacks rose by 25% in Q1 2020. The number of requests for assistance in the face of cyber attacks on the platforms of public security authorities in both France and the USA saw a similar rise in March 2020. For the broker, these figures are linked to the massive use of teleworking and the increase in cloud traffic.
For its part, ANSSI is also concerned about the doors opened by teleworking. Indeed, in France alone, the Agency points out that cyberattacks against companies or institutions quadrupled in 2020. In 2020, 192 large-scale attacks were recorded, compared with just 54 in 2019. Ransomware largely tops the list of threats detailed by ANSSI. Ransomware is paid over the Internet, in virtual currency, and demanded by criminal groups often based in Eastern European countries.
Computer attacks: what impact on businesses?
According to Bessé, the impact of an IT attack is largely underestimated by companies. And yet, in the context of the current health crisis, this aspect is all the more important given that the players involved are already highly vulnerable.
In concrete terms, for unlisted companies, the economic shock associated with the appearance of a threat can be assessed using data such as the default score and the days past due indicator. Broker Bessé has analyzed these data for an initial sample of unlisted international companies. This analysis shows that the risk of default increases by an average of 40-50% in the 3 months following the announcement of a cyber event. For the sample of French companies, the risk of default even increases by 80% over the same period, and the number of days of late payment rises by 55% 6 months after the incident.
Today, prevention and insurance remain the best ways to protect yourself and cover the risks resulting from attacks on IT systems.