Cyberattacks: “Let’s stop blaming the victims and help startups!” »

On the night of February 12 or 13, 2021, the social landlord 1001 Vies Habitat suffered a cyberattack. ” All of our servers have been encrypted and most of our backups destroyed. The company found itself in a black hole, with the impossibility of communicating internally, with our tenants or our suppliers evokes with a certain emotion Michel Ogliaro, director of the economic and financial performance division of 1001 Vies Habitat.

This player in social real estate manages more than 90,000 housing units in 413 municipalities spread over six regions. Its turnover is 500 million euros and it employs 1,300 people. The first emergency was to find communication channels within the company, the second to pay the employees and the third to maintain the link with the tenants. ” The fourth priority consisted in succeeding in reaching our suppliers, both to continue the projects undertaken – we buy housing but we also build them – and to carry out the many daily interventions for which we call on small craftsmen. adds Michel Ogliaro.

It took until July for some of the computer systems to work again. A little over a year later, the activity was able to resume but all is not yet perfect.

Cyber ​​crime as a service

On the other hand, this event was an investment accelerator for the lessor, which had embarked on a strategy to modernize its IT infrastructure. 1001 Vies Habitat was unlucky: the cyberattack took place a month after the start of this security plan. “ We could not dream of a worse alignment of the planets! admits Michel Ogliaro. The economic impact of this cyber attack represented approximately half of operating cash flow.

The proliferation of cyberattacks of this type can no longer be ignored. They affect the public sector – 67 municipalities targeted in 2020 according to the Gazette des Communes and 730 incidents concerning health establishments in 2021 according to the ANS (Digital Health Agency) – as well as private companies. Ransomware attacks increased by +255% between 2019 and 2020 according to Anssi. However, many companies do not seem to have yet become aware of this threat which can paralyze their activity in a few clicks as experienced by 1001 Vies Habitat.

For Yann Bonnet, the deputy general manager of Campus Cyber, a 26,000 m2 place inaugurated on February 15 at La Défense which brings together 1,800 cybersecurity experts, the motivations of the attackers are diverse. ” There is espionage and sabotage, as the current conflict in Ukraine illustrates. But also these ransomware (or ransomware), which block computer systems and demand a ransom to restart them. It concerns everyone and the World Economic Forum has placed cyberattacks in its Top 10 risks. Some studies mention a huge cost of 6000 billion dollars “. A “cybercrime as a service”, the business model of software applied to cybercrime, with vendors offering ready-to-use attack kits on the Internet.

Automatic neutralization

Fortunately, there are solutions to protect against these attacks, such as those developed by the Bordeaux startup Tehtris. Founded in 2010 by two cybersecurity experts, Managing Director Elena Poincet, former DGSE employee, and Laurent Oudot, polytechnician who also passed through the Ministry of Defence, Tehtris is one of the rare companies to offer software for the automatic neutralization of cyberattacks without human action.

Everyone thinks that you only need to install an antivirus to be protected. It’s wrong. Antivirus only detects signatures present in viruses that enter the system. The problem is that ransomware is an unknown threat to antivirus. You need EDR (Endpoint Detection & Response) software, an artificial intelligence-based system that knows how to detect, analyze and neutralize any attack without human action describes Elena Poincet.

The CEO of Tehtris cites the example of one of her clients with a fleet of 50,000 machines. ” IT specialists had only installed our solution on 30,000 of them. They had felt that it was not useful to equip their data center with it. Result: it suffered a nocturnal attack. The ransomware attempted to spread to other machines but was automatically neutralized on all workstations protected by our software “.

The major advantage of this technology is to avoid recourse to human action, which will always be much slower than a computer attack. Tehtris, which offers solutions adapted to large groups and very small businesses, wants to become the European leader in this cyber defense market. In this electoral period, Elena Poincet has a message for the candidates for the presidency of the Republic. ” It is repeated everywhere that France wants to bring out leaders in cybersecurity. Well that we place orders! Let’s stop making the victims feel guilty and support sovereign solutions like ours! I don’t feel like I’m supported by my country “.