Cybercrime in France and Europe
Fight against cybercrime in France and Europe: figures and action levers
Attacks are multiplying due to the ever greater gains they allow and the resurgence of conflicts, both at national and European level. What are the cybercrime figures in France and around the world? How are the European and French cyber defense plans organized? Here are the latest elements concerning the fight against cybercrime in France and Europe.
Cybercrime figures in France and around the world
In recent years, cybercrime has only increased in France and around the world. More and more businesses, organizations and individuals are falling victim to cyberattacks. Here is a compilation of figures and statistics of cybercrime, in order to measure the importance of cybersecurity for the future years.
Cybercrime in France: the figures
In 2021, more than 54% of French companies suffered a computer attack. This percentage, taken from the CESIN 2022 Corporate Security Barometer, is cause for concern.
For its part, the ANSSI (National Information Systems Security Agency) specifies that 43% of cyberattacks have targeted small and medium-sized enterprises, which are less equipped to deal with hackers. Local authorities (20% of cyberattacks) and hospitals (11%) are also hard hit, as are large companies (26%).
Cyberattacks: ransomware attacks on the rise
Ransomware attacks – or ransomware – have increased by 255% against French organizations in 2020. Overall, cyber threats have increased by 400% worldwide since the start of the health crisis, according to the DELTA group.
Ransomware is software that deprives a company or individual of their computer data. In exchange, the cybercriminals ask them to pay a ransom. Very often, this is paid for by the victims, in particular individuals and SMEs, who have no other means of recovering their data.
Other major cyber threats include:
- malware, which accesses and damages a device without permission;
- clandestine mining, which infiltrates a computer or a telephone to produce cryptocurrency without the consent of the owner;
- the theft and disclosure of information and personal data.
Increasing computer attacks
According to an expert report by Leonardo, a major Italian aeronautics and defense group, cybercrime cost more than 6,000 billion dollars (5,700 billion euros) worldwide in 2021. In France, each attacked company lost an average of €50,000. This represents approximately 27% of turnover.
Indeed, a computer attack causes an interruption of activity, a deterioration of the computer equipment, as well as a potential data leak. Not to mention the impact on the reputation of the company. Around 60% of SMEs attacked end up filing for bankruptcy within 18 months of the attack.
Phishing, hackers’ favorite cyberattack
Phishing, or phishing, accounts for around 80% of cyberattacks worldwide. This technique consists of deceiving an Internet user by pretending to be a site or a trusted person, in order to steal his personal data (passwords, bank identifiers, etc.).
Google has identified more than 2.1 million phishing sites in January 2021 alone. In France, almost one in two Internet users has been the target of a phishing attempt by e-mail or by telephone. In the European Union, the rate is 35%. Nearly half of phishing attacks (47%) take place while working from home. This figure symbolizes the lack of employee awareness of fraudulent emails.
Evolving cybercrime techniques
The profile of cyber-attackers evolves and the attacks with them, each bringing a different methodology. For 35% of victim organizations, the attack was the result of a previously unknown technique. Whereas before the health crisis, innovations only concerned 20% of attacks. Proof that hackers are constantly finding new vulnerabilities to deceive companies, organizations and individuals.
Cybersecurity, a booming sector
In 2021, 40% of French companies have invested in their cybersecurity. In addition, 20% have increased their budget for the fight against cybercrime. The amounts invested are mainly directed towards:
- risk audits;
- employee awareness operations;
- the development of an IT systems protection department;
- the purchase of protection software and new computer hardware.
More than half of French companies want to strengthen their IT defense systems in 2022.
The fight against cybercrime in Europe
Cybersecurity is becoming a major issue in European policy, as 22.3 billion devices worldwide will be connected to the Internet by 2024. Indeed, cybercrime causes many problems. Especially since sectors as crucial as logistics, health or public services are becoming dependent on the computerization of data. The European Union is reacting firmly to fight against cyberattacks.
Increased room for maneuver for ENISA
Created in 2004, the European Network and Information Security Agency (ENISA) saw its responsibilities reinforced in 2019. This organization cooperates with Member States and European bodies, with the aim of increasing security digital on the continent. In 2019, new technical requirements, certification schemes and standards were implemented.
Creation of the European Cybercrime Center
In 2013, the European Union opened a structure specializing in the fight against cybercrime in Europe within Europol, in The Hague (Netherlands). This center focuses on online crimes, pedocrime and financial fraud.
Implementation of “NIS 2” and other tools to fight cybercrime
Prior to the implementation of the 2019 regulation which strengthened the powers of ENISA, the European Union had created the “NIS” directive (for “network and information systems security”). Several IT security systems were established in strategic sectors (transport, energy, finance, health).
The European Commission expanded the legislation in December 2020, with the “NIS 2” directive. This protects a greater number of sectors (public administration, waste and wastewater management services, etc.).
In addition, a European network for digital crisis management, EU-CyCLONe, has been created to develop coordination between Member States during large-scale cyberattacks. At the same time, in May 2022, the “DORA” (“digital operational resilience”) regulation was created to strengthen the security of digital systems in the world of finance (banks, insurance companies, cryptocurrency producers) .
Finally, the European Commission wants to improve connectivity and access to the Internet with the placing in low orbit of a constellation of satellites. The device aims to preserve the service in the event of a major cyberattack. Common rules on the cybersecurity of products throughout their life should emerge during the year 2022.
The fight against cybercrime in France
France has had a “National Strategy for Digital Security” since 2015. The national system responds to IT challenges, as well as threats targeting digital technology.
The objectives of the National Strategy for Digital Security
The national cybersecurity plan has been developed around five major axes:
- protection of national sovereignty;
- strengthening responses to acts of cybercrime;
- public awareness of cybersecurity;
- development of a competitive digital security advantage for national companies;
- France’s progress internationally in the fight against cybercrime.
Actors in the fight against cybercrime in France
The French system has several operational players in the cybersecurity sector:
ANSSI, or National Information Systems Security Agency. Created in 2009, the organization is an authority on national cybersecurity. It manages prevention and response to computer attacks against institutions.
The Ministry of the Armed Forces. A cyber defense command (COMCYBER) has existed since 2017, under the aegis of the Chief of Defense Staff.
The Ministry of the Interior, which fights against cybercrime in all its forms. Several specialized central and territorial services of the national police, the national gendarmerie and internal security have been created. They protect national interests, economic actors, public authorities and individuals.
France, an influential country in the fight against cybercrime
France is taking action internationally to stabilize and secure global cyberspace. Numerous works, carried out by the Ministry for Europe and Foreign Affairs, are coordinated with European and international legislation. Several issues motivate this initiative, such as the acquisition of strategic digital autonomy for the EU, or the strengthening of cooperation between EU Member States.
France also plays a crucial role in promoting a stable and secure cyberspace, by being at the origin of the Paris Appeal, delivered by the Head of State in 2018. This declaration recalls the application of the law international law and human rights in cyberspace and lists its fundamental principles.
Committed to the fight against cyberwar and in favor of cyberpeace, the CSB.SCHOOL has also responded to this call from the President.
The only way to win cyberwar is to avoid it. Hamadoun Touré, Secretary General of the International Telecommunication Union (United Nations).