A window that appears on a Monday morning when a computer starts up demanding the payment of a ransom of $ 135,000 to unlock it. This is the mishap that happened three weeks ago to company XXII, a company specializing in computer vision technologies based in Puteaux (Hauts-de-Seine). Hackers took advantage of an automatic Windows update to install the ransomware. "Only one workstation was infected, but it polled 70 of the company's computers and 30 servers," said William Eldin, president of XXII. We did not pay the ransom and remove the attacked computer, but we could have lost all of our data, all development. "
Like thousands of TPE PME 🇫🇷, @XXII_GROUP was the target of a #cyberattack, fortunately well managed.
Better information to better protect is the objective of the new alert system of @gouvernementFR and inter-professional organizations, which I present in Puteaux.
pic.twitter.com/1I0lMpp08b
- Cédric O (@cedric_o) July 20, 2021
These misadventures are more and more frequent.
And it is to avoid them as much as possible that a new alert system for small businesses in the event of a major cyber incident has just been put in place.
“This is a sort of cybercrime weather alert to inform VSEs and SMEs as soon as a serious event occurs and may affect them,” explains Christian Poyau, co-chairman of the Technological changes commission at Medef.
"The best way to protect yourself is to have a general awareness," supports Cédric O, Secretary of State for Digital Transition and Electronic Communications.
2 to 5 alerts per year
Concretely, when a vulnerability or a particularly critical attack campaign is identified, a brief notice will be published by the national victim assistance system cybermalveillance.gouv.fr and the National Information Systems Security Agency ( ANSSI). It will then be sent to inter-professional organizations (Medef, CPME and U2P), to Chambers of Commerce and Industry (CCI) and Chambers of Trades and Crafts (CMA), as well as to France Num, which supports the digital transformation of small businesses. It is up to them to relay it to their networks. In total, around one million small businesses will be affected by this communication.
Each "Cyber security alert" includes the description of the problem, the risk incurred (data theft, destruction, ransom, etc.), the computer systems concerned ... "Each time, the message sent will contain the solution, for example a system update , to solve the problem, explains Jérôme Notin, director general of the public interest group Action contre la cybermalveillance (Acyma). And we will only publish 2 to 5 vulnerability alerts per year, in order to maintain a high level of vigilance among business leaders. "
