Category
🤖
TechnologieTranscription
00:00In 400 days, the biggest sporting event in the world will begin and it will take place in France.
00:1315,000 athletes, 200 nations, 4 billion viewers, the 2024 Olympic and Paralympic Games,
00:20an out-of-the-ordinary event which obviously represents a special target for cyberattacks.
00:27And this is where ANSI comes in.
00:29The National Agency for Security of Information Systems has been preparing for a long time to face this threat.
00:36Right now, to talk about it, I have an appointment with Vincent Strubelle, the General Director of the Agency.
00:41Let's go.
00:43Vincent Strubelle, hello.
00:44Hello, welcome to ANSI.
00:45So, how is cyberthreat increased during these Games?
00:49The Olympic Games are an exceptional event from every point of view,
00:52including on the cyber level because it will attract all types of attacks.
00:56Attacks that aim to destabilize, to disrupt the opening ceremony, for example,
01:01to send a message, to bring the image of France to the public.
01:04Attacks that aim to make money.
01:06We see this every day, extorting, blocking, stealing data.
01:10And then, attacks on the sport itself, on the timing, on the anti-doping struggle.
01:15All these are things that are not theoretical, that have already happened in previous Games.
01:19Your teams are in the starting blocks.
01:22We're going to go here and there, see some of the members of your team,
01:25or some of your beneficiaries, to find out how they defend themselves against the cyber threat.
01:30I'm sure they'll have a lot of things to explain to you.
01:36I just left Les Invalides to come here to the Organizing Committee of the 2024 Paris and Olympic Games,
01:42where I have an appointment with Franz Regul,
01:44the head of security for the information systems of the Games.
01:48We're going to see him right now.
01:50Franz Regul, hello.
01:51Hello, Erwan.
01:52So, we're a bit like with athletes.
01:54It's a real team effort, a collective sport, I would say, to fight cyber threats.
01:59That's exactly it.
02:00Like the athletes who have been preparing for several months, several years,
02:03we have done the same.
02:05Alongside Annecy, alongside the great Cyber France team,
02:08Games are of course the biggest sporting event in the world,
02:10with major technological challenges around the capture of images,
02:14timing, refereeing, logistics for the athletes, delegations and spectators.
02:19Annecy has an essential role to federate all the forces of the French ecosystem
02:25in order to prepare the Games.
02:27We, of course, but also the major infrastructure operators,
02:30the communities, the administrations.
02:32And that's why we've been working together for several months already on these issues.
02:36Thank you very much, Franz Regul.
02:38I have to go, because I have a few miles to go.
02:40I'm going to Rennes, in Annecy's premises,
02:43to find out how we secure the so-called critical or sensitive information systems.
02:50Is that right?
02:51That's right.
02:52Thank you very much, Franz.
02:53Thank you, Juan.
02:58Bertrand, Thomas, hello to you.
03:00So, we left Paris for our beautiful Brittany,
03:03and I have two Annecy agents in front of me.
03:07It's a bit like James Bond, but we're not that far off.
03:10Before and during the Games, your mission is to counter cyber-threats.
03:15So, what does that consist of, Bertrand?
03:17My job is to prepare 500 players,
03:20of whom IT security is key for the good performance of the Olympic Games.
03:25We're going to find critical players
03:28whose compromise could jeopardize all the Olympic Games.
03:33For example, ticket control, ticket access control.
03:38If this one doesn't work because of a computer failure,
03:42you could have a crowd gathering at the entrance of the stadiums
03:48and potentially public order problems.
03:52So, public security compromises, possibly.
03:55Absolutely.
03:56Another category of players, so the so-called sensitive players,
03:59whose compromise could put one or more tests to the test.
04:04As for the critical players, Annecy does its own thing
04:07with its teams of auditors and architects
04:09in the security of information systems.
04:11So, Thomas, you're an architect.
04:13Can you tell us a little bit about the concrete actions?
04:16So, the security actions will consist of audits
04:20or support actions.
04:22The audit is usually the first step.
04:24It's a diagnosis of the security of the SI.
04:26For example, we're going to carry out an intrusion test
04:28that aims to compromise the SI like an attacker would.
04:31In a second step, we do a technical support,
04:33which is a phase of advice.
04:34So, we're going to propose changes in the architecture,
04:37in the configuration, or improve the operating procedures.
04:44Hello.
04:45Nice to meet you.
04:46Welcome to the city of Paris.
04:47I wanted to know a little bit about the relationships
04:49that you maintain today,
04:51one year from the Games, with Annecy, quite simply.
04:54The Olympic and Paralympic Games
04:56were an opportunity to benefit from Annecy's support approach.
05:00In particular, the contribution of experience
05:03on the scenarios of threats and specific risks
05:06to this type of major event,
05:08and the contribution of audits and expertise and advice
05:11in various sensitive areas.
05:13So, I imagine that it was necessary to identify
05:16the most critical sectors in view of these Games.
05:19One of the important points of the approach
05:21is to target the most important ones
05:23in the context of the Olympic Games.
05:25This work was done jointly
05:27between the city's teams and Annecy's teams
05:30to define a list of critical areas
05:32on which a particular focus was put in place.
05:35The cyber threat, I imagine, is constantly evolving.
05:38So, this support from Annecy
05:40allows you to be better prepared?
05:42Indeed, you have to be ready at all times
05:44and adapt to everyday life.
05:47Annecy's support, with the advice of experts,
05:50allows you to be even more targeted
05:53in relation to the specific context of the Olympic Games.
05:55Perfect. Well, thank you very much, Joachim.
05:58Thank you.
06:04I'm in the Hall of the Cyber Campus,
06:07the Cyber Security Antechamber.
06:09And I have an appointment with Alice Tourneur,
06:11Director-General of Annecy,
06:13and the founder of a seminar
06:15on cyber risk awareness during the Games.
06:19Come on, let's go see her right now.
06:22Hello Alice.
06:23Hello Erwan.
06:24I feel like I'm a little late.
06:27Yes, the seminar has just ended.
06:29Well, it doesn't matter.
06:30We're here to talk about this seminar.
06:32It was an important event
06:34because it was an event
06:36aimed at uniting all the actors
06:38of the Games ecosystem.
06:40So, what happened during this seminar?
06:42In fact, the seminar's goal was
06:44to raise awareness of an ecosystem
06:46that is much wider and quite different
06:48from the ecosystem that Annecy usually addresses.
06:50We have, for example, public actors
06:52such as high-ranking collectivities
06:54hosting the Olympic Games.
06:56We also have a lot of private actors
06:58who are either partners or providers of Paris 2024.
07:00And then we have all the big actors
07:02who contribute to the well-being,
07:04the well-organization of the Games,
07:06such as all transport networks,
07:08electricity networks, telecommunications networks as well.
07:10So, what do you tell these actors
07:12in preparation for the Games?
07:14We tried to think of it in a rather chronological way,
07:16from risk to crisis.
07:18So first, we presented them
07:20with some good practices
07:22to identify the risks
07:24that weigh on their most sensitive
07:26information systems for the well-being
07:28of the Olympic Games,
07:30and then recommendations
07:32on how to manage a crisis
07:34in case of a cyber incident.
07:36And what is the objective of this seminar?
07:38The objective is to make
07:40all the actors of this ecosystem
07:42as autonomous as possible,
07:44both in the prevention of cyber risks
07:46and also in the response to incidents.
07:48Of course, the ANSI will not be able
07:50to intervene everywhere
07:52if there are multiple cyber attacks.
07:58So Alice, how do you make sure
08:00that all the actors are sensitized?
08:02First, we write them an email every month
08:04that recalls a little bit
08:06the content of the seminar we presented today
08:08and that aims to remind them of the risks
08:10but also of the good practices to put in place
08:12to prevent any incident
08:14and of course to know how to react
08:16in case of a cyber attack.
08:18The email that we see on the screen right now.
08:20Hello!
08:22This is the first email we sent in May
08:24and it sets the background of what could happen
08:26during the Olympic Games.
08:28Seminar, email, but I imagine
08:30that today we don't cut it,
08:32it's the social networks that are in the spotlight.
08:34Exactly, we are also on social networks
08:36and that allows us to reach all the actors
08:38that we would not have pre-identified
08:40in our ecosystem and that would nevertheless
08:42be affected by the Olympic Games.
08:44Thank you.
08:48We are in Marseille,
08:50the second city in France
08:52and therefore one of the main actors
08:54of the next Games.
08:56This is where the women's football
08:58and especially sailing competitions take place.
09:00So, we have seen previously
09:02with Alice Tourneur from Annecy
09:04the different sensitization actions
09:06that are organized at the central level.
09:08Well, in the region,
09:10it's pretty much the same thing
09:12but it's the regional delegates
09:14who make the connection between Annecy
09:16and the local beneficiaries,
09:18like the city of Marseille.
09:20Hello!
09:22Hello, it's Elia Novak.
09:24Nice to meet you.
09:26Hello, Jérôme Pottier.
09:28Hello, Erwan.
09:30Thank you for welcoming us
09:32in this beautiful city,
09:34this city that you have for a mission,
09:36I believe, to secure against the cyber threat.
09:38So, you are part of the city of Marseille
09:40and you are in charge of security.
09:42So, my role is RSSI
09:44and it's to be able to ensure
09:46the cyber issue and the cyber security
09:48of the Games,
09:50especially the arrival of La Flamme on May 8th
09:52in the old port.
09:54You will arrive there, in the old port?
09:56That's it, there in the old port.
09:58With the boat, the Bellem.
10:00Big school boat, it's going to be beautiful.
10:02And so, for that,
10:04we have been working together
10:06with Annecy for a little over a year
10:08on the crisis situation.
10:10And all this, we do it together
10:12to ensure a perfect performance
10:14of the Games.
10:16So, it's really a joint work,
10:18it's a team work, if we can say,
10:20with big actors like the city of Marseille
10:22and then smaller actors
10:24who compete for the good progress of the process,
10:26which are hotels, training centers,
10:28road transport, simply.
10:30And that's your mission, I think.
10:32Indeed, so we, the delegates in the region,
10:34have a mission to work with the state services
10:36to bring big messages,
10:38to play the role of proximity
10:40and also capture what is the reality
10:42of the territory.
10:44And so, for the NGOs specifically,
10:46we will have this work of awareness,
10:48we will pass three big messages.
10:50The first is to tell them
10:52that even if they are actors
10:54who are little or very little involved
10:56in the NGOs,
10:58they can become victims
11:00with opportunistic attacks.
11:02There can be collateral damage.
11:04The second is to tell them
11:06that there is a potential
11:08to set up processes, tools, etc.
11:10to better secure themselves,
11:12to increase their cybersecurity level.
11:14And then finally, we remind them
11:16that we can play the role of proximity relay
11:18to support them.
11:20We also have relays that are set up
11:22in the region, for example,
11:24with the six regional centers
11:26that can support them in the event of an incident.
11:28Very good, so you are a team,
11:30working together
11:32because NGOs are a party.
11:34Thank you both.
11:36Thank you very much.
11:42In terms of cyber threats,
11:44can we really anticipate everything?
11:46And even when an attack occurs,
11:48ANSI deploys
11:50what it calls cyber firefighters.
11:52And precisely, we are going to meet
11:54one of these firefighters.
11:58So this is where it happens,
12:00all the small incidents
12:02that can happen to actors
12:04who could not handle it internally.
12:06Absolutely.
12:08Typically, a victim of a cyber incident,
12:10when they are no longer able to
12:12deal with their problem,
12:14will call us,
12:16will call the BI247 center
12:18to share their incident,
12:20possibly request assistance.
12:22And we will define a device
12:24to be able to help them and possibly
12:26climb on stronger engagement modes.
12:28It's not a daily thing, but we imagine
12:30that for NGOs, it is all the more active.
12:32Absolutely.
12:34So about every year, we manage
12:363,000 to 4,000 events per year.
12:38And for NGOs,
12:40we think we will clearly have a serious threat,
12:42that is to say that it is a very visible event,
12:44with probably cybercrime threat,
12:46activism,
12:48an international geopolitical context
12:50that can be complex.
12:52Which will have to be managed quickly.
12:54Which will have to be managed quickly
12:56to avoid big forest fires, right?
12:58Exactly, but sometimes
13:00we were also forest fires.
13:02For all this, you need resources,
13:04and that's good, because I have an appointment right now
13:06with your colleagues who organize all this internally.
13:08Thank you very much, Rémy, anyway.
13:16Lisa, Julien, hello.
13:18Hello.
13:20So Lisa, how do we prepare internally
13:22for a possible cyber threat?
13:24We have to put in place all the resources,
13:26all the means to ensure the continuity of activity.
13:28We anticipate, and we try to do everything
13:30so as not to be in reaction at the moment.
13:32So how do we anticipate, Julien?
13:34We already anticipate by hiring.
13:36It goes first through the staff.
13:38We hire right now
13:40to be able to train and be able
13:42to integrate people.
13:44This securitization also goes through
13:46conventions.
13:48Conventions within the State.
13:50The State already secures itself with other ministries,
13:52but also with other partners
13:54in order to be able to respond
13:56if there is ever a cyber attack.
13:58If there is a cyber attack,
14:00it means that there is really a crisis cell
14:02that is organized with a lot of people
14:04H24 in the agencies.
14:06And we have to give them
14:08enough to eat,
14:10enough to work, quite simply.
14:12This is one of the goals
14:14that we have right now.
14:16Namely, in anticipation,
14:18prepare both
14:20agents to drink
14:22and use equipment
14:24to respond to the cyber attack
14:26than to anticipate
14:28the purchase of sandwiches
14:30to hold during the night
14:32if there is to be a crisis cell
14:34in H24. Right now, we are like
14:36athletes. We prepare
14:38to be at the meeting on the day.
14:40Okay, so this is the training period
14:42and soon you will be completely ready.
14:44Thank you very much to both of you.
14:50A possible crisis of cyber origin
14:52could put in difficulty
14:54the organization and the good
14:56outcome of the Games.
14:58But ANSI is here to prepare
15:00its beneficiaries with practical exercises.
15:02So to find out a little more
15:04about this special training,
15:06I propose to join
15:08Margot Vincent and Martial Leguédard.
15:10Hello Margot, hello Martial.
15:12Nice to meet you in these
15:14great premises, I must say.
15:16These are the premises of ANSI at the Cyber Campus.
15:18So Campus,
15:20it reminds me a bit of Coach.
15:22Can I call you the coach
15:24in crisis management, Martial?
15:26In a way, yes.
15:28Our role within the agency is to train
15:30the state, but also the beneficiaries of the agency,
15:32public or private,
15:34to train, to do crisis exercises
15:36more specifically,
15:38to be well aware of the crisis management
15:40of cyber origin, to train
15:42in an emergency time, to the procedures,
15:44to the tools that must be used in times of crisis
15:46and also to find improvement axes
15:48in view of future crises that could
15:50happen tomorrow.
15:52And this is extended to all players?
15:54It is extended to all players. Today, the agency has made available
15:56exercise kits that are ready for use,
15:58which are made available on the agency's website directly
16:00and these guides are accompanied by
16:02a self-isolation tool that allows you to determine
16:04your level of maturity to do an exercise
16:06on final measures.
16:08So anticipation, preparation,
16:10these are in a way the key words
16:12on all floors here and in all services,
16:14communication, isn't it Margot?
16:16Exactly. Crisis communication is an essential component
16:18of crisis management
16:20and concretely, we will help
16:22entities upstream,
16:24that is, before they become
16:26victims of cyber attacks,
16:28since the key to having a successful
16:30crisis communication is
16:32to have elements prepared in advance.
16:34As of 2022,
16:36in 2023 and 2024,
16:38we have organized sensitization
16:40and training
16:42on cyber crisis communication
16:44for the game ecosystem.
16:46We have passed on
16:48the right practices in the field
16:50and we have encouraged them to prepare.
16:52So that's the whole system, the whole preparatory process,
16:54but in the event of a crisis,
16:56how do you manage?
16:58Concretely, we are here to assist
17:00victims of cyber attacks
17:02from a technical point of view on the incident,
17:04but also from a communication point of view,
17:06since we often face
17:08victims
17:10who are really disturbed
17:12by the extent of the cyber attack
17:14and who do not necessarily know
17:16how to communicate around this incident.
17:18So you seem pretty well prepared.
17:20It's a pleasure to see.
17:22And we cross our fingers so that it doesn't go wrong.
17:24Thank you both.
17:26And good luck for the future.