France/Brittany: In the wake of increasing attacks, the region creates its own cybersecurity center
Presented at the European Cyber Week event in Rennes, Breizh Cyber is a public cyber-attack response service designed to provide information to local authorities, companies and associations faced with a cyber-attack. This "digital Samu" will provide first aid if the injuries are not too serious. Before handing over, if need be.
"When the service manager arrived, he saw a black screen. No phone was working. We quickly realized that we'd been attacked." In front of the cybersecurity specialists gathered in Rennes, the testimony of the mayor of Betton provided a great deal of clarity. Victim of a cyber attack on August 31, the commune of 13,000 inhabitants located north of Rennes saw 22,000 of its files "disappear into thin air", as Laurence Besserve explained.
Refusing to pay the ransom demanded by the Medusa hackers, the commune saw public documents from municipal councils, but also a bundle of much more confidential data concerning staff and residents escape. "We were a bit helpless. We're not specialists at all", recalled the mayor at the close of the first day of European Cyber Week, held in the Breton capital.
Her municipality was the first to benefit from the advice of Breizh Cyber, a new response center set up by the Brittany region to help victims of Web hackers. "When you're attacked, you can feel anxious. Public authorities must do their part," explains Jérôme Tré-Hardy, the region's vice-president in charge of cybersecurity. Conceived a year ago, the new center is intended as a response platform for victims of attacks, described as "a digital Samu". "Our role is first to qualify the situation and assess its seriousness. If it's benign, we can treat it directly", explains Guillaume Chéreau, director of the structure, which has four experts.
And if the attack is too serious?
If the injury is too serious, the Samu numérique won't be able to treat it. But it will be able to provide first aid before handing over to more qualified personnel to deal with large-scale attacks. "The first piece of advice we were given was to cut off everything to prevent it spreading. Then we started to look for the fault and put up barriers in front of everything before starting up again," explains the mayor of Betton. To support local authorities, the region has set up a toll-free number (0.800.200.008) and a website to provide information for those who are less familiar with the issue of digital piracy.
In Brittany, several large-scale attacks have taken place in recent months. The Brest and Rennes university hospitals have been particularly hard hit, with thousands of files containing personal data stolen. But the region is not alone in setting up a local support tool. A total of 6 CSIRTs (Computer security incident response teams) have been set up in France, in agreement with the Agence nationale de la sécurité des systèmes d'information (Anssi).
Appointed in January, director Vincent Strubel emphasized the key role of these regional structures. "The State is not going to do it alone. When it comes to cybersecurity, we need to be close to our customers", said the director, before warning of one risk. "We mustn't create houses that drive people mad, like in Asterix, with one counter sending you to another. Above all, we need to know how to inform the players."