Cyberattacks: a political phenomenon
On Friday 5, 2017, the day before the presidential elections in France, the French political movement “La République en marche!” of Emmanuel Macron, elected since president of France, was targeted by a cyberattack.
A cyberattack refers to the commission of a wrongdoing, often criminal, on computer networks with the intention of harming a victim. Nowadays, cyberattacks are often used as weapons in order to convey political messages. Data or money thefts via computer networks are also witnessing a substantial increase.
In France, during the last hour of the past presidential campaign, documents were stolen from the personal mailboxes of several executives of the En Marche! movement and false documents were also produced. All these documents were then massively broadcasted on social networks. Being informed of these acts, some senior officials of the US National Security Agency (NSA) immediately warned the Macron team. The major suspect is a Russian group of far right, without any evidence though.
Yet, a few months earlier, on February 15, former Minister of Foreign Affairs, Jean-Marc Ayrault, sent a message to the countries that were potential suspects of interfering in the French presidential election. The Russian Federation was already targeted by this message seeing that the former minister assured that France will not accept any interference in its electoral process any more from Russia than from any other state.
Indeed, the record of 2016 must have worried the leaders of the French administration as well as the private sector. According to the latest Dimension Data report “Executive’s Guide to the NTT Security 2017 Global Threat Intelligence Report“, cyberattacks targeting the public sector have doubled in 2016. The previous year, in 2015, the proportion of cyberattacks directed against it was 7%, whereas at the end of 2016, this share went up to 14%. In light of these figures, it is important to note that, according to former French Defense Minister Jean-Yves Le Drian – and now Minister of Foreign Affairs -, the security devices of the ministry have blocked 24,000 external attacks.
In addition, Marc Ogoli Socin, Head of Security at Dimension Data France, underlined that governments around the world are constantly threatened by attacks coming from rival states, terrorist groups, hacktivists and cybercriminals, because government agencies hold large amounts of sensitive information – whether personal data, budget data, or secret information.
The same observation applies to the private sector in general. The latest Dimension Data report shows that the finance sector is the second target of cybercriminals, after the public sector. In 2015, attacks on the finance sector represented 3% of the total number of attacks. By the end of 2016, this proportion reached 14%. However, the danger does not only concern finance.
What binds all these attacks are the data held by companies or public entities. For instance, the French company Orange, specializing in telecommunications, was the victim of a cyberattack in 2014, which resulted in the theft of 800,000 customers’ personal data (such as their family name, first name, address and telephone number). Beyond this incident, Sony – a Japanese Telecommunications Company – suffered from a similar attack in 2014, but also the Hollywood Presbyterian Medical Center in California in 2016 and San Francisco public transport in 2016. These last two attacks were carried out by experts who paralyzed and took control of the computer systems.
Despite the continuous increase of cyberattacks, the awareness on the subject and the reinforcement of cybersecurity systems by the companies, hackers are also getting better. In fact, a group of hackers, baptized Turkish Crime Family, managed to steal identifiers and passwords from 750 million Apple customers. The company had to pay a heavy amount of $100,000 to the pirates to solve the issue.
Cyberattacks: a new harmful weapon against trademarks
In 2016, twice as many cyberattacks were recorded in France. This has serious consequences for brands, seeing that a number of consumers recognizes that their loyalty to a brand diminishes after a cyberattack affecting the data entrusted to the company.
The Yahoo’s scandal in 2016 caused real anger among consumers, who believed that their data was protected. Similarly; the theft of photos and videos on Snapchat in 2014 has provoked among users a backward movement towards the social network.
The 2016 study of The Economist entitled “Cyber-security: The gap between the C-suite and the security team” indicates that the most important asset in a company is its reputation among its clients. Indeed, the brand is one of the most valuable assets of the company; an attack against it affects the whole company. The brand of a company makes its reputation. It takes years to get a true brand image from customers, but keeping it is an enterprise to be continued day after day. An attack is particularly dangerous when it targets customers; if the personal or financial data of the customers are recovered by the hackers, chances of losing these customers get higher, especially that the financial performance of the company will suffer. For example, when US retailer Target revealed to its customers that an attack against them affected 110 million people, the company’s sales fell by 4% and its profit collapsed by 50% the following quarter. In addition, the share price lost 46% and the company’s CEO had to step down.
Moreover, according to the same study, most business leaders but also consumers are confident that more dangerous attacks will occur in the future. Indeed, more than a quarter of managers and more than 38% of IT executives believe that their company will undergo a heavy attack in the next three years. In addition, more than 60% of managers believe that the impact of attacks will affect their clients’ personal data. It must be noted that the market of personal data is vast and the exchanges of data regulary grow. Personal data have become the new money.
How to recover from a cyberattack?
The Economist’s report gave out some advice in order to protect its clientele, and by extension its company and its image.
First, it is important to have a flexible architecture-based defense. Indeed, by constructing architectures sufficiently flexible and adaptable to offer a high level of protection, the company’s IT department can easily moderate and curb the attack. In addition, it is important to avoid any shutdown and ensure the continuous activity of the company. The competent departments must put everything in place to eliminate the attack but also resume the activity as soon as possible. The longer the activity is interrupted, the less confident is the consumer in the company. It is also wise to communicate all the bad news at once. Indeed, customers will forgive more easily and retain their confidence in the company if everything is confessed, but it is necessary to work on the speech. In addition, it is necessary to communicate the solution reached in order to show that the obstacles are outdated. Thereafter, it is recommended to analyze the attack in depth in order to consolidate the company’s system.
Cyberattacks represent the new threat against companies and especially brands. Small and medium-sized enterprises with often insecure systems are particularly vulnerable, so they are an easy target. However, market giants, and especially the Internet giants, are often targeted given the amount of data they hold. In May 2017, Google suffered a phishing attack on Gmail, which spread out even before the company noticed it. As a result, cyberattacks are on the rise and companies have to stay alert and perpetually improve their security. As far as the legal aspects are concerned, it is recommended to set up a strategy of risk & compliance (know-think-act). This strategy includes monitoring of domain names, social networks and Apps. The strategy consists of a phase of study and analysis in order to implement systematic actions. Currently working on these topics for many companies, there is work on the board!
IPzen protects and defends your IP rights on the Internet
Get peace of mind by subscribing to one of our watch services. You will be able to protect your intellectual property rights without risking any potential usurpation.
We will help you in any activity concerning domain names, whether with respect to a registration, a transfer or a renewal.
Your domain names will be protected thanks to our 24/7 social network watch services for all types of domain names, including internationalised domain names. As soon as any usurpation of your rights is detected, you will have automatic access to the results.
With IPzen Watch Service Plus, save time and money and ask our IPzen team to filter and analyse the watch results based on your own criteria.
IPzen will help you transfer or cancel a litigious domain name and will assist you in the dispute resolution procedure. IPzen will also attempt to remove any content which may compromise your commercial interests.