6th e-Crime & Cybersecurity Paris, 18th May 2017
“We were a couple of hours from having the whole station gone for good,”
Yves Bigot, director-general TV5Monde
“Effective security must reach beyond the organisation to subcontractors, suppliers, partners and clients,
Stephane Lubenec, CIO, BNP Paribas
France is at the epicentre of two of the most significant escalations in the world of cyber-threats: the increased participation of state-actors testing their capabilities against private companies and the emergence of the Internet-of-Things as a vehicle for next-generation DDoS and other attacks.
Conventional wisdom says that companies should focus on the everyday threats, such as phishing, and not worry too much about the rare and exotic – like state actors. France shows that that view is out of date.
The recent attack on TV station TV5Monde came close to destroying the internet-connected hardware on which the station relies to transmit its programming. The attack took down the entire station and is one of the first times that a cyber-attack has had the single purpose of destroying physical, private-sector infrastructure.
Analysis points to Russian hacking group APT28, which cyber-solution vendors and intelligence agencies have concluded is linked to the Russian state. Not long afterwards, hosting giant OVH was hit by the largest DDoS attack yet made public – a 1.1 Tbps assault carried out by a botnet made up of tens of thousands of Internet of Things (IoT) devices.
These attacks show that French (and other) companies must now defend themselves on two fronts: first they must be able to maintain security against the ‘standard’ palette of cyber-threats – malware, ransomware and other forms of spam and phishing – which companies already find difficult. Second, it is now clear that state actors and APTs are an existential threat to businesses in all sectors, and that they cannot be dismissed as an exotic rarity. They are now part of the everyday life of the CISO.
The 6th e-Crime Information Security France will cover these and other key subjects for its audience of professionals tasked with safeguarding digital assets and sensitive data. There will be real-life case studies, strategic talks and technical break-out sessions. It will provide an opportunity for local firms to compare domestic solutions with international best cyber-security practice while networking with industry peers, suppliers and law enforcement.