|Jérôme Bascher, the republican Senator of Oise (LR party) expressed his concerns in the report to the Senate No. 82 (2019-2020), on October 22, 2019 : ″Parliamentarians IT security is close to zero″
It is primarily a matter of distinguishing between institutional functions and the IT practices of parliamentarians themselves. While the former are relatively well protected, since they benefit from assistance such as that provided by the Anssi (national agency for the security of information systems), the latter are a source of great IT insecurity.
IT insecurity factors related to the workforce
1. Having its own IT equipment
The workforce is a key element in IT security. Each parliamentarian is free to have their own equipment (Huawei or Apple telephone), yetinsecurity can arise from their exchanges and from the means of communication they use. In fact, mobile instant messaging applications that are likely to be used, go through the GAFA. They are hosted by servers of Amazon web service and not by OVH, for example, which could potentially be an efficient French server. This could be countered by the argument that Amazon Web service is also based in France,
2. Not enough awareness among senators
While the Parliament benefits from the Trojan horse attacks detecting systems on institutional sites, the level of IT security among parliamentarians is still very low.
In 2018, the Senate’s IT security systems intercepted more than 30,000 high-risk contents. Senator Bascher assures that security services experience at least 2 or 3 cyber attacks per week.
Only wiling senators are aware of the importance of IT security. Senator Bascher pointed out : “I’ve never had a virus in my life, because I’m careful,”. Among the risks that public authorities may incur, appears the so called “facing”, that is,the creation of a fake Internet page that could be an apology for terrorism, that French channels Public Sénat and LCP-AN, whose credits are included in public authorities mission, can suffer from. It is a bit reminiscent of the past attack against the channel TV5 Monde a few years ago, which has since had to make considerable investment efforts to pay for its protection.
In addition, an increaseof requests that makethe site inaccessible – hasto be considered,
Cyber attacks against public authorities are now undeniable, as evidenced by the cyber attacks that hit Estonia in 2007, the German Bundestag in 2015 and, to a lesser extent, the Senate, in 2011.