The global health crisis that we have been experiencing for over a year now has shaken up our lifestyles, our practices and our customs, both in the private and professional spheres.
While wearing a mask and social distancing are now part of our daily lives, the pandemic has also led us to renew our work habits. I would particularly like to thank ANSSI’s staff, who have embodied one of the agency’s core values – agility – by showing outstanding adaptability in this period. Without their commitment, their reactivity, their mobilisation and their professionalism, we would not have been able to pursue our missions as we needed to. Especially as, despite the health crisis, cyber activity is as strong as ever.
Like our work methods, this annual report has reinvented itself and now offers, in a digital format, a look back at the most significant actions carried out by ANSSI over the past year.
From the presentation of our Manifesto in January 2020 to the launch of the new European cyber security strategy, through the launch of “France Relance”, the French economic recovery plan, the second edition of Blue OLEx – all in an intense operational context marked in particular by the exponential increase in the criminal threat – 2020 has been, once again, a particularly rich year for ANSSI.
In the face of the magnitude of the threat, we find strength through unity, and so ANSSI, true to its principles of openness, has continued to forge partnerships with public and private stakeholders to raise awareness and to support companies, administrations and local authorities as well as the French people in addressing cyber risk.
As the cyber threat can no longer be ignored, we need now more than ever to look to the future and to anticipate. Many challenges lie ahead, at the national, international and European levels. In the first half of 2022, France will preside over the Council of the European Union. ANSSI is already fully mobilised to contribute to the success of this presidency, as well as to the events that will enable the development of digital security and trust in our country in the coming years.
Keep Calm and Carry On!
In 2020, the Covid-19 pandemic disrupted the habits and work conditions of many companies and organisations. ANSSI was no exception. Agility and creativity have been essential to allow ANSS to pursue its missions.
The year also saw a number of structural developments for ANSSI:
The trust placed in ANSSI is rooted in the French cyber defence model, which is characterised by a distinction between offensive and defensive missions and the agency’s interministerial position. At the heart of this model, ANSSI has demonstrated technical expertise acquired over the years. ANSSI’s skills are well known, and have been called upon for the development of digital tools linked to managing the health crisis.
In addition, ANSSI continued its advisory mission and the promotion of the construction of a secure and trustworthy digital environment on a European scale.
The digital transformation and the resulting benefits bring new vulnerabilities that we cannot ignore. In 2020, ANSSI’s monitoring and analysis enabled the deepening of France’s knowledge of the constantly evolving threat.
The trends observed in 2019 were confirmed in 2020. The year was marked by an upsurge in ransomware attacks. The number of reports related to ransomware increased fourfold compared to 2019. Strategic threats, espionage and supply chain attacks have also been the most observed phenomena over the past year.
No sector is spared from cyber attacks. Nevertheless, the victims of ransomware are mainly local authorities, health facilities and companies in the industrial sector.
ANSSI is involved in CSIRT networks. Its participation contributes to a better common understanding of the threat and to a more efficient dissemination of alerts. Given the level of the current threat, experience sharing and networking are crucial at all levels.
2020 was marked by the emergence of system detection devices, which complement existing detection means. These new devices have notably added value in incident response operations by enabling monitoring of attacker’s actions and verification of the effectiveness of remediation or containment measures.
In the face of the ever-expanding threat of cyber attacks, anticipation and preparation are essential.
Three major guides have been published in partnership with French organisations (Association des Maires de France et des Présidents d’Intercommunalité, Club de la Continuité d’Activité, Ministry of Justice) to raise awareness of cyber risks and more particularly of ransomware as well as to provide a methodology for organising a cyber exercise. The English versions of these guides will be made available in 2021.
Because training is essential at all levels, the second edition of Blue OLEx provided an opportunity to test the European cyber crisis management system. The 2020 edition was marked by the establishment of CyCLONe (Cyber Crisis Liaison Organisation Network). This coordination network, the strategic level in the management system, brings together the heads of the national cyber security authorities of the European Union (EU) member states. Objectives: contribute to the implementation of the European Commission’s incident response plan and complement the existing cyber security structures within the EU.
Training in information systems security and raising the French public’s awareness of digital risks are major issues.
ANSSI’s Information Systems Security Training Centre (CFSSI) is in charge of defining and implementing the agency’s policy in this area. It offers civil servants as well as staff of vital and essential services operators training provided by cyber security professionals, including many ANSSI’s officers. Their adaptability and reactivity enabled remote training sessions over the past year.
CFSSI also contributes to making training and employment opportunities in cyber more visible through various initiatives:
In addition, CFSSI is involved in raising the French public’s awareness of cyber issues through the SecNumacadémie MOOC. Since its launch in 2018, 35,000 certificates have been issued.
For several years, ANSSI has been coordinating France’s participation in European Cyber Security Month. Many public and associative stakeholders, and in particular Cybermalveillance.gouv.fr, take part in Cybermoi/s, the French version of this initiative. Every year, the month of October is an opportunity to organise events and activities in order to raise awareness of digital risks. The 2020 edition was marked by the launch of a new website and the release of three interactive comic strips. Visit cybermois.fr (available in French)
Exceptional times call for exceptional measures. To raise the French public’s awareness during the Spring 2020 lockdown, the Cybermoi/s working group launched the #CyberChezMoi operation. Echoing Cybermoi/s, this campaign aimed at reminding people of good cyber security practices to adopt in a remote working situation. The operation was repeated during the second lockdown.