Wednesday, May 13, 2015, the Observatory organized a breakfast on the theme “Cyber Prefect, serving the citizens, businesses and the state.” For the occasion Jean-Yves Latournerie made a speech, appointed prefect for the fight against cyber threats by the Council of Ministers in December 2014, and Colonel Eric Freyssinet, counselor of the prefect. Following a presentation of the General Watin-Augouard, Mr. Prefect spoke.
Jean-Yves Latournerie mentioned the difficulty of carrying out an assessment of its function of “cyber-prefect”, just months after its creation and taking office. He wished to stress the importance of this function which is the third pillar of the interior security functions alongside the policeman and the soldier.
The Cyber prefect’s function appears in a specific context of growing threats in cyberspace. According to a Symantec report in 2013, spear-phishing attacks increased by 91% and are longer. Similarly, there is an increase in targeted attacks. Personal data theft also increased: it is estimated at nearly 552 million the number of data stolen in 2013. The mobile sector is also severely affected: 38% of mobile users have been victims of an attack in 2013. There is a clear qualitative improvement in spam techniques. Finally, attacks for ransom (such as a ransom in exchange for a return data or locked accounts) grew by 500% in 2013.
Cyber attacks affect half the government and defense sectors. Next follow the dissidents sectors, political, and aerospace. While it is still difficult to know the true cost of these attacks, the average cost of cyber threats is estimated at 4.8 million euros.
The crisis that France suffered in January 2015 did not lead to destructive cyber attacks. Indeed, there was a peak of low intensity attacks. But they highlighted the importance of the “propaganda” component of cybersecurity
It is in this context that a new position in the Ministry of Interior was born, prefect for the fight against cyber threats, “cyber-prefect”. If in October 2014, an ambassador in charge of cyber threats had been appointed to the Ministry of Foreign Affairs, this is a position that did not exist within the Ministry of Interior.
The prefect’s missions are:
– The development of a departmental strategy against cyber threats;
– Coordination of all components responsible for cybersecurity in the Ministry of Interior.
– The implementation of a departmental action plan
– The development of an international doctrine
– The establishment of an entry point and contact for external actors to the Department.
– The creation of responses in the area of cybersecurity in accordance with ANSSI, the Ministry of Defense and the Ministry of Foreign Affairs.
The six strategic pillars of the Ministry’s Action Plan are:
– Always have a clear and accurate vision of the state of cyber threats: currently the Ministry does not have exact figures or reliable statistics. The research will begin in September 2015 and the results are expected in late 2016.
– Adapt and strengthen the response capacity of the Ministry against cyber threats: this resulted for example through the creation of a sub-directorate dedicated to cyber crime in the Judicial Police.
– Improving the level of awareness and prevention against “cyberthreats individuals”, economic actors and local authorities.
– Participate in the effort to research and development combining academic and industrial: the prefect meets companies and evaluates their products for possible support.
– Strengthen the security level of departmental information systems.
– Promote international action in the fight against cyber threats.
The prefect then presented the Joint Task Force between the Ministry and ANSSI he co-chairs with Guillaume Poupard. This task force’s main mission is to fill a gap noted after the events of January 2015. Many individuals, PMI, or local authorities have been victims of cyber attacks in January. These actors are often unprepared for such attacks and did not have partners to meet the situation. The working group aims to address this category of users and reflects in particular the establishment of a CERT for the public.
Jean-Yves Latournerie has also mentioned the discussions between the Interior Minister, Bernard Cazeneuve, and major operators. Begun in February, these discussions led in April to the establishment of a common platform for cooperation in the fight against terrorism. This platform focuses on two topics:
– The reports and requests for withdrawals of Bad Content:
Since its implementation, there have been twenty withdrawals for advocating terrorism and thirty withdrawals concerning child pornography.
– The formal requests for information on connection data and other profile-related services offered by operators.
For the French authorities, efforts are being made to improve formulations of requests while operators are working to improve the conditions of time and quality of the responses.
A permanent group, led by the prefect, was set up. The first meeting was held on May 12, 2015.
Questions and Discussion:
– What coordination with the Ministry of Justice?
The Ministry of Justice is present but is not at the same level of identification. Within the Criminal Affairs and Pardons Department, a section is dedicated to cyber issues. The Ministry of Justice will strengthen and specialize in its degree of involvement in the future. For now its role is essentially that of repression.
– What progress in the establishment of an international doctrine?
The DCI has the second digital network in the field of internal cooperation. Operating in nearly 90 countries, this structure is responsible for domestic security in general but is focusing more and more on cyberspace.
– What about the relationship between the Ministry of Interior and Disic (Interministerial Directorate of information and communication systems) and the subject of the decentralized systems of the state?
The role of Disic is to create coherence between the different information systems of the state. It seeks to relate the basic infrastructures and manage the cohabitation of disparate information systems and the different departmental cultures.
– What answers can be given in the field of banking frauds facing a sense of non protection of victims and the difficulty of filing a complaint due to the non-recognition of losses?
Should we set up a cyber campaign like the campaigns for road safety?
To the first question, the answer is definitely yes. This is what we want.
On bank fraud, the prior requirement of filing a complaint has been removed. This allows the victim to be reimbursed by his bank when there is evidence of fraud. Following this measure, the banking system has seen a surge in the number of reported frauds. The simplification of the procedure has yielded statistics and numerical representation of the phenomenon. It also highlighted the need to partner with the banking sector in the area of cybercrime.
– What management at the departmental level?
The departmental management is the subject of a discussion within the Joint Task Force of the Ministry of Interior and ANSSI.
– What role for the Ministry of Interior on intelligence?
This role is performed by the DGSI which is not coordinated by the “cyber-prefect” even though collaborations take place.
The question of monitoring motions in cyberspace has not been yet been discussed within the functions of the “cyber-prefect”.
- EncroChat: Deciphering of the End-to-End Encryption Service Used by Criminals Cybercrime
- Preserving Digital Footprints and Cyber Resilience: Training the Swiss Police Cybercrime
- Ransomware in Six Questions (by the Ministerial Delegation to the Security Industries and the Fight Against Cyberthreats, French Ministry of the Interior) Cybercrime