Located in Marseille (Bouches-du-Rhône), a few hundred meters from the port, the Campus an orange Cyber defense tends to be discrete. Over 1100 m2 105 cybersecurity experts divide their specialties (ethical hackers, engineers, analysts, auditors, etc.) to help companies in Provence-Alpes-Côte d’Azur, Corsica and Monaco, regardless of their size, prevent , detect or respond to attacks against their websites, servers, equipment or data.
Orange Cyberdefense represents a turnover of €1.07 billion in 2023, an increase of 11%, and employs 3,000 employees worldwide who work for 9,000 clients. The structure analyzed 129,000 incidents in 2023 and acted to shut down 40,000 suspicious websites.
Read also : Apple is once again warning iPhone users about possible spyware
“We are the European leader in secure managed services, with 22 centers located in 12 countries, explains Regional Director Alexander Gazzola. More than 500 different sources continuously feed the intelligence of our data system. In France, Marseille has the peculiarity of bringing together a team of different expertise. This is true flexibility because the added value in cybersecurity comes from sharing knowledge and skills. When we started here in 2016, there were only five of us.”
The venue provides training, demonstrations, awareness raising techniques or incident management in cyber security in public administrations, industries, healthcare facilities, municipalities, etc. “We gradually expanded our targets to small businesses or freelancers. Today, more and more business leaders are asking us to discuss the best ways to manage crises.” continues Alexander Gazzola.
Basic human intuition
Orange Cyberdefense covers three areas of activity. First, prevention, which makes it possible to examine all the vulnerabilities of the company’s information system by simulating attacks and the reactivity of barriers against them. Then detection when a threat occurs to understand its extent and block it. Finally, protection with customized support for customers according to the level of cyber risks to which their activities expose them.
Read also : OpenAI fixes a major security flaw in the ChatGPT app for macOS
Nicolas Bura, 24, trained in hacking, passionate about the challenge of “video games”. At Orange Cyberdefense, he tracks the vulnerabilities of customers who use Campus within a scope and duration that they determine. He does not make a surprise attack. His interventions lead to the transmission of a detailed report.
“We can operate remotely, in a restaurant or at the company’s headquartershe explains. Thanks to this report, the customer can find all the steps taken, which contributes to his awareness. An attack can, for example, change prices displayed on a website, recover passwords via employee messages, stop a factory’s production line, hack access passes or an armored door, counterfeit a brand… My action demonstrates the potential impact of a breach. Attack surface management makes it possible to inspect all exposed assets..
For the young man, “the context of the profession changes every week”. If in his eyes artificial intelligence will automate some of his tasks tomorrow, he admits that he is convinced that such a field includes “an intuition that only a human being can have to explore a particular place in a system”. His vision also serves Orange Cyberdefense. “Knowing the attack techniques well, we encourage their analysis and providing solutions to propose,” he said.
Responsiveness based on criticality
His colleague Jules Bauchet, a cyber analyst, leads a “MicroSoc” team focused on detecting attacks against customers with 20 to 3,000 licenses. Each analyst supports 20 to 40 clients. “Some attacks are more critical than others, we are committed to processing reactivity in relation to that level of criticality. Our tools are developed in-house. The logic is to move to the industrialization of discovery modes to ensure the fastest response to customer needs.”.
When the attack turns out to be complex, several analysts work on it. Surveillance operates 24 hours a day, 7 days a week. “Penalties will be increased during the Olympics”, confides Jules Boschet. Its service can detect whether an attack attempt is coming from abroad. The event may be favorable for this. To effectively protect a system, Orange Cyberdefense goes so far as to implement customized solutions for customers potentially exposed to a large number of threats from multiple sources. Like the marine world, whether it is a merchant ship, a cruise ship, a yacht…
Depending on the configuration, the danger may come from the architecture of the system, which cannot always be read by the successive owners, taking into account the life expectancy of the boat, the marine environment (stability, connectivity, etc.), ill-intentioned passengers , cabin crew who can share the same workstation… “The boat is a floating factory”, sums up Alexander Gazzola, “We carry out cyber security audits on board, threat detection, crisis simulations, we can install terminals to clean USB keys…”.
A vessel connectivity architecture was designed in virtual reality for a customer who has a fleet of several vessels communicating via a legacy Cisco system. “Today he has a global and comprehensible vision of the details of the services we have provided him to protect himself.” assures Frederic Spenato, cyber architect.