Colonel Joël Ferry of the French Gendarmerie, specialist in criminal law as applied to ICT.
Colonel Joël Ferry of the Gendarmerie began his career as a detective in 1977. Having led several territorial brigades, he served at the head office of the Gendarmerie Nationale before joining the Central Office for the Fight Against IT and Communications-related Crime and, subsequently, the Criminal Affairs and Pardons Office. Following this, he took over command of the research section at Versailles. Today, he sits on the Criminal Investigation sub-Directorate: a central body within the Gendarmerie responsible for criminal affairs, cyber-crime and counter-terrorism. Joël Ferry has taken part in numerous seminars and events on cyber-crime in France and abroad. He is the author, with Myriam Quéméner, of “Cybercriminalité : Défi mondial” (“Cyber-crime: a global challenge”) à http://livre.fnac.com/a2630510/Joel-Ferry-Cybercriminalite-un-defi-transnational.
Even though organized crime has always existed, the advent of digital technology opened up a whole new field where it can operate. A lot is talked about cyber-crimes, but the ones we hear about are just the tip of the iceberg: only one in 10 of them is actually brought to justice! With the Internet, fraud and swindle have taken on a whole new dimension. Counterfeiting is a good example. Today you can find almost anything on the Internet: fashion, domestic appliances, medicines… Identity theft, fraudulent ‘under the counter’ trade and counterfeiting can all be very expensive and potentially dangerous (defective dentures, counterfeit drugs, electrical equipment with the wrong power ratings…). But when it comes to the risks involved for the perpetrators, they face much less punitive sanctions than for other offenses that are seen as more serious. This raises real commercial and public health issues which are often underestimated, and which we are currently working on.
Today governments are not just engaged in wars, but also in economic battles
However, the biggest challenge lies elsewhere: with economic and geopolitical intelligence. Nowadays, digital networks are the ideal battleground for the war, involving espionage, misinformation and contamination, sabotage, terrorism… aimed not only at businesses, but also at nation states. The recent attacks against Estonia and Georgia are mere tasters of the cyber-wars to come, where it will be possible to create panic and misinformation targeting critical infrastructures such as power plants and payments networks. Major companies are well aware of this. Even though there is still significant progress to be made, they know that they need to protect their R&D and commercial secrets, and secure their industrial and logistical processes. But SMEs are at much greater risk.
Cyber-crime touches citizens and companies, and it threatens the nation’s vital systems
All too often, security is seen as the lowest priority. But simply insuring themselves is not enough. Making provisions against risks cannot compensate for the serious damage to the e-reputation that can result from an attack, the resulting potential failure, even the endangering of vital State facilities. All the more so, because this is not just a business issue but also a legal one. In France, for example, the loss of customers’ personal data because it was not protected by state-of-the-art systems, is a crime for which the CEO can be held personally responsible!
Before, criminals would search through trash for secrets, now they search computer hardware.
In this area, people are least well aware of data leakage. Intellectual property represents the company’s ‘intelligence’. So we all need to be aware that losing sensitive information means we lose out on competitiveness, market share, jobs… That means we need a strong security policy, not just encrypting sensitive data, but also ensuring its traceability. The idea of building an impenetrable fortress is a fallacy. Some sensitive information is bound to get out. Some attacks will succeed. To mitigate against this, tools must be put in place that allow us to go back to the original source should an offense occur: to carry out a criminal investigation, analyze patterns, and make correlations. This is a crucial point for the detectives that we must all become.
No defenses are completely impervious. As soon as the door is barred, you go through the window! The challenge for IS Security Managers is to anticipate and trace leaks.
So traceability has to be the IS Security Manager’s number one weapon. In the wake of a cyber-attack, you need to be able to identify the human, physical or technological failing that caused it. To gather the evidence, you have to be able to examine any traces that have been left. So we always advise IS Security Managers to trace, trace, trace: any access that your employees or partners have to your data, unusual behaviour or triggers for alerts, changes to the pattern of network traffic, any leakage outside the organization… in other words any logs that can be used to establish a set of clues or evidence. There are now some extremely good security tools available in these areas. It is also essential to train employees effectively on the organization’s security policy, so they are fully aware of it and, most importantly, they are ready to follow it from the moment they join the company.
Threats are constantly evolving. The real security challenge is to continually adapt to them.
Ultimately, digital risks must be constantly reevaluated. The threats involved are continually evolving, along with technology. When it comes to security, the real watchword has to be ‘agility’. As Darwin emphasized: “It is not the strongest of the species that survives, nor the most intelligent… it is the one most adaptable to change”. Here at the Gendarmerie, this notion of continuous adaptation is at the heart of our approach. We were pioneers in the fight against cyber-crime. The history of the Gendarmerie fits into this picture of constant change, over eight centuries. We have adapted to the changing nature of offending and crime, for example with the creation of Territorial Brigades under François I to fight against highwaymen, when our force was still known as the Maréchaussée. This network still forms part of our organization. Today, our investigators increasing operate at the leading edge of technology, with the aim of appropriating the digital space for ourselves, enabling the Gendarmerie itself to become a player in the network on the one hand, and on the other to fulfill its public service role with dedicated staff and a specific legal framework. The Internet certainly speeds things up. So agility and contextual intelligence must also be watchwords for businesses. They not only have the capacity, but also the technological and human resources to get involved in an approach that increasingly combines both the public and private sectors. What a great match of complementary skills!