ANSSI annual report – The 5 cyber threats observed in 2018

ANSSI annual report – The 5 cyber threats observed in 2018
Image source: TheDigitalArtist via Pixabay

On April 15, 2019, ANSSI (the National Cybersecurity Agency of France), unveiled its annual report during a press conference. The agency identified 1869 alerts, 391 incidents without counting critical importance operators, 16 major incidents and 14 cyber defence operations for 2018. ANSSI also identified 5 major trends in terms of cyber threats observed in France and in Europe in 2018.

Analysis of cyber threat in 2018 – The 5 major trends

1.Cyber-espionage

Major concern for ANSSI in 2018, according to
the agency, cyber-espionage represents the highest risk for the organizations.

Extremely discrete, benefiting from important
financial resources, the attackers plan for many years highly targeted and
highly sophisticated attacks. In 2018, it was noted that the cyber attackers
are increasingly interested in vital activity sectors and specific critical
infrastructures like the defence, health or research sectors.

2.Indirect attacks

According to ANSSI, indirect attacks have known
an important increase in 2018. Indeed, to avoid the security measures
implemented by big companies, which are more and more aware of the cyber risk,
the attackers aim intermediaries, like providers, who are more vulnerable, to reach
their final targets.

Compromising one partner is enough to reach
many companies. So it is essential to choose partners that place their
information system’s security at the top of their concerns.

3.Destabilization and influence operations

Because of the nature of the targets and the
claims, these attacks though technically moderate, have often an important
symbolic impact. An increase has been observed in 2018.

4.Cryptojacking

For reminder, cryptojacking is a cyberattack
that consists in using the computer’s power of its victim to mine
cryptocurrency.

In 2018, many attacks of this kind were
observed. The more and more organized attackers benefit from the security flaws
to compromise their victims’ equipment by placing cryptocurrencies’ miners
without them knowing it.

5.Online frauds

Online frauds represent as much of a constant cyber threat for the companies and the big organizations as for the individuals. ANSSI noted an important growth of online frauds last year. Big operators are becoming more concerned about cybersecurity, so the attackers turn towards targets less exposed but more vulnerable, like territorial authorities or actors in the health sector which thus were the targets of many phishing attacks in 2018.

Conclusion

The multiplicity and the magnitude of the attacks observed during 2018, prove that it is essential to implement security measures to prevent these cyber threats, within big organizations, big groups as well as small companies.

The
conclusion is clear: 2018 proves once again that digital risk, far from being
ethereal, must be at the heart of our concerns. Not only those of ANSSI! The
cyberattacks affect all of society. That is why we must all seize the matter.” explains
Guillaume Poupard, ANSSI’s General Director.

First published at nameshield blog

Back to top button