“When the service manager arrived, he saw a black screen. None of the phones worked. We quickly realized that we had been attacked. » In front of the cybersecurity specialists gathered in Rennes, the testimony of the mayor of Betton brought a lot of clarity. Victim of a cyberattack on August 31, the town of 13,000 inhabitants located north of Rennes saw 22,000 of its files “go into the wild”, as Laurence Besserve explained.
Refusing to pay the ransom requested by Medusa hackers, the municipality saw public documents from municipal councils, but also a lot of much more confidential data concerning staff and residents escape. “We were a little helpless. We are not specialists at all,” recalled the mayor at the end of the first day of the European cyber week, which is being held in the Breton capital.
His municipality was the first to benefit from advice from Breizh Cyber, a new response center created by the Brittany region to try to help victims of web pirates. “When we are attacked, there is an anxiety-provoking feeling that can arise. Public authorities must take their part,” explains Jérôme Tré-Hardy, vice-president of the region in charge of cybersecurity. Imagined a year ago, this new center is intended as a response platform for victims of attacks, described as “a digital Samu”. “Our role is first to qualify the situation, to assess the seriousness. If it is benign, we can treat it directly,” explains Guillaume Chéreau, director of the structure which has four experts.
What if the attack is too serious?
If the injury is too serious, digital ambulance will not be able to treat it. But he will know how to provide first aid before handing over to more qualified personnel to treat major attacks. “The first piece of advice we were given was to cut everything off to avoid the spread. Then, we started looking for the loophole in order to put barriers in front before starting everything again,” explains the mayor of Betton. To support communities, the region has set up a free number (0.800.200.008) and a website in order to inform those who are furthest away from these questions of digital piracy.
In Brittany, several large-scale attacks have taken place in recent months. The Brest and Rennes University Hospitals were particularly disappointed and saw thousands of files containing personal data disappear. But the region is not the only one to equip itself with a local support tool. In total, 6 CSIRTs (Computer security incident response team) were created in France in agreement with the National Information Systems Security Agency (Anssi).
Appointed in January, its director Vincent Strubel insisted on the preponderant role of these regional structures. “The state is not going to do it alone. On the issue of cybersecurity, we need proximity,” assured the director, before warning of a risk. “We should not create houses that drive you crazy like in Asterix, with a ticket window that sends you to another ticket window. Above all, you will need to know how to inform the actors. »