Tuesday, April 23, 2019
Home Business Cyber ​​attackers target business intermediaries more

Cyber ​​attackers target business intermediaries more

"The attackers can not go through the door. They try to go out the window ». Presenting Monday, April 15 the annual report of the National Agency for the security of information systems (Anssi), Guillaume Poupard, its director general, wanted to characterize the new types of cyberattacks: failing to directly attack large organizations, which take the means to protect themselves from their aggressions, the attackers seek henceforth to reach them through their providers or suppliers.

1,869 reports, 16 major incidents and 14 cyber-defense operations were recorded by Anssi in 2018. About half of them are attacks. "Indirect".

France also the target of a "malicious cyberactivity"

One intermediary, several organizations

"The threat of these indirect attacks increases as the final targets become secure," explains the Anssi report. The cyberattackers manage to circumvent the security measures of very large organizations, more and more aware of the numerical risk.

Access to a single intermediary is sometimes enough to gain privileged access to several organizations, thereby increasing the return on investment of attackers. "They can then conduct large-scale campaigns targeting multiple targets of high strategic interest", says the report, exploiting a relationship of trust that intermediaries have with the final target.

Airbus: infiltration via a supplier

Last January, the aerospace giant Airbus announced that it had been the victim of a "Cybersecurity incident" in the computer systems of its commercial aviation branch. The cyber-investigators uncovered an attack of several weeks, conducted in two stages.

The cyberattackers began by penetrating the computer systems of one of the French suppliers of Airbus. Alerted by the Anssi in December 2018, the latter then informed the aeronautical group. After a few days of investigation, the experts realized that the attack on the subcontracting company was in fact aimed at the Airbus group itself.

Providers are often smaller companies, less prepared for this type of attack. It is then easier for attackers to have access to protected data, such as the identifiers or passwords of the final target.

Raise awareness among providers

The evolution of this threat over the past few months has prompted Anssi to raise the awareness of service providers about this type of risk. The agency handed over in June its first "Security visas" to 36 IT service providers, and wishes "Enhance the visibility of excellence solutions".

Anssi has also published the finalized version of its requirements repository for cloud computing service providers called "SecNumCloud" developed in consultation with market players. The list of service providers in qualification or qualified is available on the Anssi website.



Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Must Read

When Did Kim Kardashian Become the Most Boring Kardashian?

Back in the early 2000s, Kim Kardashian was really the only one of her sisters whose name was...

Sunburn Igor Kokoskov, the proof that the franchise is a model of stability

The Phoenix Suns, an NBA franchise model, if your goal is to burn metaphorically with the heat and scent of a big...

Line-of-duty viewers spot big mistakes in the show's shocking final episode

duty line The spectators expect that they have found in the last episode of a rather conspicuous editing error.With all the latest shocking twists...

Kamala Harris joins impeachment while Democrats remain split US news

Hello and welcome to our live blog coverage of the White House 2020 race. Senator Kamala Harris, a presidential candidate, raised a few ears...

An 18-year-old football coach accused of murder found dead in the apartment over Easter

These are the first images of a football coach who was found dead in a Stoke apartment this weekend - when an 18-year-old man...