Cybersecurity - companies are supplying their attackers with weapons!
In 2022, almost 1 in 2 French companies fell victim to a cyber attack1. A figure that prompts vigilance, all the more so as the geopolitical context, as well as the hosting of the next Olympic Games, will provide cybercriminals with numerous opportunities to cause harm. To defend themselves, companies rely mainly on one tool: the firewall, which is supposed to block malicious attempts on all internal and external data flows. Worldwide, 5 major suppliers dominate the market, equipping a large proportion of companies. Affordable equipment that hackers use to identify vulnerabilities and fine-tune their attacks!
Firewalls, the blind spot of cybersecurity
Today, most organizations are equipped with firewalls or firewalls, which are at the heart of their cybersecurity systems. With a market dominated in France by the giants of the sector, at the entry-level, these devices are within the reach of any cybercriminal in search of substantial profits! As a result, some of them have got into the habit of installing them in their own infrastructures to prepare and simulate their attacks. Once these have been validated, all they have to do is deploy them. Regardless of the manufacturer, vulnerabilities are regularly identified and exploited.
Thinking they're protecting themselves, companies see their main defensive weapon turned against them. It's a bit like the owner of a house giving his front door keys directly to a burglar.
Prefer multi-layer
However, there's no question of doing without these tools, whose role is to monitor incoming traffic to computer ports and authorize access only to trusted flows. The problem lies in the fact that, over the years, firewall manufacturers have sought to extend their functionalities to offer all-in-one products and gain market share. As a result, they have integrated multiple monitoring tools, such as anti-spam or proxy, whose mission is to filter Internet flows. These tools have evolved from specialists to generalists, albeit with lesser performance.
Last year, no fewer than 300 vulnerabilities were identified in the market's leading firewalls2. Against this backdrop, companies need to apply a key principle to their protection: "multi-layering". By stacking tools of different brands, they will more easily block cybercriminals, even if they manage to get through 1 or 2 layers.
Using SaaS to limit compromise attempts
Another reflex that organizations should adopt is to opt for SaaS tools for their proxy and anti-spam solutions. Unlike on-premise products, the cybersecurity equipment embedded in these solutions is carefully camouflaged in the cloud. As a result, hackers have no opportunity to practice on something they can't identify.
Finally, the last precaution to take: give preference to sovereign solutions. Not only do these comply with the RGPD and are not subject to the American Cloud Act, but they are also based on a detailed knowledge of attacks deployed in Europe. Thus, by respecting these principles, organizations will have effectively closed the door to intruders, without having, this time, forgotten the keys under the doormat.
1 (source : CESIN barometer) : Cesin barometer: companies' cyber-resilience improves - Le Monde Informatique
2 Fortinet: security vulnerabilities published in 2023 : https://www.cvedetails.com/vulnerability-list/vendor_id-3080/year-2023/Fortinet.html