The good news in a rather gloomy picture: the pace of ransomware cyber attacks has slowed down a bit since the start of the year.
The hacker gangs were busy last year deploying "ransomware" - crippling software, into corporate computer systems and supplementing their attacks with blackmail type extortion of stolen data.
A third of the 200 French companies surveyed suffered a ransomware attack in 2020, according to a study * commissioned by software publisher Sophos.
France thus ranks 2nd in the countries most targeted by cybercriminal groups, according to another recent analysis by the cybersecurity company Emsisoft.
The total cost of such an attack leaves a deep mark in the treasury.
By cumulating the technical unemployment of employees, the stoppage of activity and the costs to restart the computer system and sometimes the payment of a ransom, the bill reached € 913,000 on average (compared to € 1.5 million in the other country).
Estimated at 390,000 € last year, the financial impact has exploded and for some small structures, it can be the last blow.
There then arises the dilemma of paying a sum in cryptocurrency to restart the machine faster ...
A quarter of the 200 companies surveyed yielded to the blackmail of hackers against only 19% in 2020. They spent an average of € 128,000 - or 7 times less than the total budget for restarting - but ultimately not to recover all of the data stolen.
On average, the other companies in the 29 other countries studied paid € 140,000.
Yet "French companies tend to pay less because there is no collection company to carry out negotiations with hackers as institutionalized as in Anglo-Saxon countries", assures Gilles Sarquiz, cybersecurity consultant at Sophos .
An average ransom over € 120,000
“The figures are also partly distorted because few companies agree to communicate, even anonymously.
It's like during negotiations for the release of hostages, no one will admit that there has been a payment, ”emphasizes Gilles Sarquiz.
Several new trends appear in the background in this study and suggest a patch of blue sky.
The overall attack volume slowed down over the first few months of the year as “hackers focus on more interesting targets in terms of media impact such as hospitals or companies that have a lot to lose from disclosure of their information. data or loss of business ”highlights Sophos.
At the same time, hackers no longer systematically practice the scorched earth technique by encrypting and paralyzing the information systems of their victims.
In the majority of cases (69%), according to the study, they succeeded anyway in restoring their databases thanks to backups.
A barrier gesture to be adopted urgently.
*
Study conducted by
Vanson Bourne
, an independent British firm specializing in market research, during the months of January and February 2021 among 5,400 IT decision-makers including 200 French companies.
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/H6SX4JB4HJIOMBO3FUP6IGGLUI.jpg)
