In 2022, French local authorities are increasingly confronted with cyberattacks, endangering their operations and the security of citizens' data.
According to a recent study published in the 'Journal des Communes,' at least 19 local authorities fell victim to attacks in 2022, a figure that highlights the urgent need to strengthen cybersecurity measures in the public sector.
The attacks map is here:
As of January 27, 2023, the map listed five regions, nine departments, 31 urban areas or community associations, 78 town halls, and 36 hospitals, clinics, or fire departments, targeted by cyberattacks since 2019.
The consequences of these attacks are devastating, sometimes paralyzing essential infrastructures for several days. Hospitals, in particular, have become prime targets, compromising the delivery of vital healthcare. Furthermore, the costs associated with restoring systems after an attack can be considerable. For instance, it's estimated that the Corbeil hospital had to spend 2 million euros to regain normal functioning.
The motivations of hackers behind these attacks are varied. While ransom demands are rarely paid by administrations, attackers can still profit from accessing personal, sometimes sensitive, data that they can sell for a high price on the black market. It is therefore imperative for communities, regardless of their size, to take preventive measures to avoid the paralysis of public services, the ruin of taxpayers, and the unauthorized disclosure of confidential data.
The government implemented the 'France Relance' plan in September 2020. This initiative includes a cybersecurity dimension endowed with a fund of 136 million euros. The objective of this component, entrusted to ANSSI (the National Cybersecurity Agency of France), is to enhance the security of administrations, local authorities, healthcare facilities, and public organizations while boosting the French industrial ecosystem."
« Local authorities are poorly prepared for cyberattacks! » according to Stéphane Bouché, president of Secuserve, a 100% French company specializing in cybersecurity.
Indeed, he emphasizes that local authorities are generally ill-prepared to face these threats. Structures often have disparate information systems, spread across vast territories, and users have varying levels of awareness of IT risks. As attacks multiply, it is essential to strengthen cybersecurity measures and educate municipal employees on best practices in IT security.
The most common attacks against local authorities target email, which represents the primary entry point for malware and phishing operations. Cryptolockers, with their ransom demands, are particularly lucrative for attackers. However, information theft through identity theft via SMS or email should not be overlooked.
To address these growing threats, the report from the Senate delegation on businesses, presented by Remy Cardon, Senator of Somme, and Sébastien Meurant, Senator of Val d'Oise, has put forward 22 proposals to strengthen cybersecurity.
Furthermore, the Association des Maires de France and Cybermalveillance.gouv.fr have developed a cybersecurity awareness guide, proposing 5 essential keys for successful awareness. It is crucial for local authorities to adopt these recommendations and implement concrete action plans to strengthen their resilience against cyberattacks.
The cyber warfare is only just beginning, and it is the responsibility of local authorities to take adequate measures to protect their systems, citizens, and public services. By investing in cybersecurity and raising awareness among their employees, local authorities can better defend themselves against malicious attacks and ensure a more secure digital environment for all.
Facing these cyber threats, in the framework of France Relance Plan, ANSSI proposes to significantly and sustainably raise the level of cybersecurity for beneficiaries by providing them with the necessary financial impetus for sustainable support and investment.
Secuserve is an expert in messaging and security, specializing in securing and improving professional emails. Through its e-securemail email filtering service (antispam, antivirus, anti-phishing, continuity planning, security, SMTP relay), the company is ready to accompany you throughout the summer to help you establish protection against cyber threats.
Contact Us
As part of the special feature, "Local Authorities Facing Cyberattacks". (avec Link to the article) du Journal des Communes Winter 2023, Find Stéphane Bouché's interview. Président of Secuserve.
Sources :