2020: the year of cyberattacks against local authorities
Local authorities & cyberattacks: a sad and grim assessment for 2020!
In France, (too) many local authorities have been victims of cyberattacks, particularly ransomware. In recent months, we have seen a clear increase in the number of cyberattacks against local authorities, sometimes paralyzing their services for several weeks.
Unfortunately, the list of examples is considerable:
- In early March 2020, the city of Charleville-Mézières and Ardenne Métropole, whose computer systems were paralyzed for several days.
- The Aix-Marseille-Provence metropolitan area targeted by hackers in March 2020.
- The Grand Est region and the Eure-et-Loire Departmental Council are further examples of the growing threat this year.
- At the end of April, it will be Toulouse's turn, followed by Besançon at the beginning of September.
- Not to mention the town of Mitry-Mory, which was the target of a cyberattack in mid-July.
- Among the victims, the Greater Cognac metropolitan area was hit by ransomware during the night of October 11 to 12, 2020.
- In early November 2020, the cities of Vincennes and then Alfortville were the targets of a cyberattack, likely involving ransomware.
- On the morning of December 17, 2020, 2,500 employees of the Évreux town hall and Évreux Portes de Normandie were left without internet or telephone service. (France 3 Région“Cyberattaques en série en Normandie”[Series ofcyberattacksinNormandy]).
- In the Oise department, remote working led to cyberattacks on 15 local authorities in 2020 (Le Parisien).
- The town of Antony (92) was hit in December by a ransomware cyberattack,causingcertain procedures to be temporarily unavailable and paralyzing some services.
- The Greater Annecy and La Rochelle metropolitan areas were victims of cyberattacks on the weekend of December 27. (source: Le Monde Informatique)
And, as Le MagIT points out in its article "Ransomware: the relative transparency of local authorities," this is only the tip of the iceberg.
To curb the spread of these cyberattacks as quickly as possible, cities must now equip themselves with appropriate IT defenses...and without delay!
Why are local governments targeted by cyberattacks?
These cyberattacks generally have two objectives, which can also be combined:
- Demand a ransom from the community.
- Extorting personal data from agents and users in order to exploit or resell it on the "Dark Web."
For example, a pay slip contains various pieces of information: first and last name, address, social security number, etc.
Guillaume Poupard, Director of ANSSI, points out that "digital transformation comes with risks," including:
- the "defacement of websites,"
- the "theft of sensitive data, particularly personal data,"
- the "hijacking of email accounts and social media accounts,"
- or even "ransomware."
"When a cyberattack occurs,
in addition to the impact on the municipality's image
and the damage to the trust of its citizens,
it is the elected official's own responsibility that may be called into question,"
he reminds us.
Securing local authorities would be "a priority for 2021."
In order to raise awareness among elected officials and their departments about cyber risks, the Association of French Mayors (AMF) has published a guide (la gazette.fr). ANSSI contributed to this guide.
It states, in particular, that in 2019, the agency recorded 92 cyber security incidents affecting municipalities and inter-municipal authorities.
The guide reminds readers that all municipalities and intermunicipal authorities are affected. Indeed, all of them may be targeted or impacted. It then offers several recommendations, tailored to the structure, to deal with attacks as effectively as possible.
It provides practical advice on governance, resources, and resilience. The guide suggests priority areas for action to be strengthened or developed.
A good understanding of cybersecurity issues will enable elected officials and their departments to develop protection for their information systems, guard against IT disasters, and thus build collective digital security.
In 2021, raising employee awareness of cybersecurity is becoming a priority.
According to the cybersecurity guide "Communes and Intermunicipal Authorities" published by ANSSI, cybersecurity requires training for all employees.
Thousands of agents and almost as many computer workstations connected to around a hundred servers on which all local authority data is stored: a prime target for cyberattacks!
"We have seen a steady increase in attacks," says Bruno Caudal, head of IT security for the city of Vannes since 2015 and data protection officer since November 2018.The most common type of attack is still the booby-trapped email with an attachment or link. If you open the attachment or click on the link, it introduces a virus that can encrypt all the files on the computer, as well as on other computers on the network." (La Gazette.fr)
Avant de Cliquer is the best anti-phishing solution that helps communities of all sizes protect themselvesby raising awareness among employees about cybersecurity and training them toavoid phishing traps.
