Cybersecurity – companies are providing their attackers with weapons themselves!
In 2022, nearly one in two French companies was the victim of acyberattack. This figure calls for vigilance, especially given that the geopolitical context and the upcoming Olympic Games will provide cybercriminals with numerous opportunities to cause harm. To defend themselves, companies mainly rely on one tool: the firewall, which is supposed to block malicious attempts on all internal and external traffic. However, five major suppliers dominate the global market, equipping a large proportion of companies. This affordable equipment is readily available to hackers, who use it to identify vulnerabilities and refine their attacks!
Firewalls, the blind spot of cybersecurity
Today, most organizations are equipped with firewalls, which are at the heart of their cybersecurity systems. With a market dominated in France by industry giants, these entry-level devices are within reach of any cybercriminal looking to make a quick buck! Some of them have gotten into the habit of installing them in their own infrastructure to prepare and simulate their attacks. Once these have been validated, all that remains is to deploy them. Regardless of the manufacturer's brand, vulnerabilities have been regularly identified and exploited.
Believing they are protecting themselves, companies are instead seeing their main weapon of defense turn against them. It's a bit like a homeowner handing the keys to their front door directly to a burglar.
Prioritize multilayers
However, there is no question of doing without these tools, whose role is to monitor incoming traffic to the computer's ports in order to allow access only to trusted flows. The problem stems from the fact that, over the years, firewall manufacturers have sought to expand their functionality in order to offer all-in-one products and gain market share. As a result, they have integrated multiple monitoring tools, such as anti-spam and proxy software, whose purpose is to filter Internet traffic. These tools have gone from being specialized to general-purpose, but with reduced performance.
Last year, no fewer than 300 vulnerabilities were identified in the leading firewalls onthe market. In this context, if companies want to protect themselves, they must apply one essential principle: "multilayering." By stacking tools from different brands, they will more easily block cybercriminals even if they manage to get through one or two layers.
Using SaaS to limit compromise attempts
Another reflex that organizations must adopt is to favor SaaS tools for their proxy or anti-spam solutions. Unlike on-premise products, the cybersecurity equipment that these solutions incorporate is carefully hidden in the cloud. Hackers therefore cannot target something they cannot identify.
Finally, one last precaution to take: favor sovereign solutions. Not only do these comply with the GDPR and are not subject to the US Cloud Act, but they are also based on a detailed understanding of the attacks deployed in Europe. By following these principles, organizations will have effectively closed the door to intruders, without leaving the keys under the doormat this time.
1 (source: CESIN barometer): CESIN Barometer: Companies' cyber resilience is improving – Le Monde Informatique
2 Fortinet : security vulnerabilities published in 2023: https://www.cvedetails.com/vulnerability-list/vendor_id-3080/year-2023/Fortinet.html
