“The cyber attack cost us hundreds of thousands of francs”

That was almost six months ago. On December 14, 2021, Le Temps revealed that DBS Group had been hacked. The Lausanne-based company, which owns 12 real estate brands in Switzerland, including Domicim, Brolliet and Duc-Sarrasin, had 615 MB of data stolen across 485 files. The DBS group, which has around 700 employees, had refused to pay the ransom to the hackers. Christophe Hubschmid, head of the group, looks back on this crisis as part of the Forward forum organized on Thursday by EPFL, PME and Le Temps.

Le Temps: What traces remain in your company several months after this attack?

Christophe Hubschmid: Of course, we do not come out of such a situation unscathed. But I’m very happy with how we handled it. Today all our systems are back to normal, we have reinstalled our data and our IT has been updated much faster than we expected before the attack. We have greatly accelerated our migration to the cloud, all our software now runs this way.

We often hear that these cyber attacks scare employees psychologically. What happened to you?

There was the shock of the attack, the sudden separation from our systems, having to work differently… A shock that was all the greater as the Corona crisis was still very present at the time. Our IT specialists, on the other hand, worked around the clock in the first few days, with immediate support from external specialists. They could only take vacation four to five months after the attack. We wanted to inform our employees regularly about meetings and question-and-answer sheets, immediately and as transparently as possible.

How big was the stolen data?

To be honest it was minimal. We estimate that less than 0.3 per thousand of our data was stolen and published on the dark web. It was not sensitive data and, moreover, some information was unreadable without our software. It was a management controller’s computer station that was initially attacked, and the attack was contained very quickly. It was one of our employees who clicked on a link contained in an email from an external partner. It was very well done, and our antivirus programs didn’t issue the warning. This partner’s mail server was infected and controlled remotely by the hackers.

Not very sensitive data you say, but some of your customers must not have noticed that you were hacked?

Think again. We went to the trouble of writing thousands of letters to our customers to explain what happened. Only three customers then wrote to us and asked if their bank details had been leaked, which was not the case. We have developed closer, more documented contacts with our large institutional clients and all have been very understanding and satisfied with our exchange of experiences. Because what happened to us can of course also happen to you.

Why didn’t you pay ransom to avoid online data leakage?

It was excluded because paying it obviously would not have reassured us that this data would not be made public and does not guarantee us protection against piracy. In addition, this data was limited and not sensitive. We had a backup copy of all our information. After all, we would have had to reinstall our entire IT anyway to leave no door open to hackers. Paying was therefore never an option, we didn’t even want to know how much the hackers would have wanted to charge us. No contact was made with them.

Have you dramatically increased your IT and cybersecurity spending?

Yes. The budget was already very high, and it has continued to increase. There’s the hardware, the software, the accelerated migration to the cloud. And there is employee training that never ends. We have already trained continuously within the group, we have strengthened it, a single click can allow an attack… The problem is that you have to find the right mix: because after some time, and that’s human and normal, speeches about prevention are no longer heard. It is therefore necessary to find new ways of employee qualification. We have also implemented double authentication systems for access, which of course complicates everyone’s work a bit and needs to be explained.

Do you have insurance against cyber attacks?

Yes, and it paid part of the cost. I won’t give an exact number. All I can say is that the insurance premium is high, but the deductible is reasonable. And the insurance company used it to pay part of the hundreds of thousands of francs that this attack cost us to restore our computer systems.

What advice would you give other companies in the face of these cyber attacks?

Make regular backups of your data in safe and offline places, constantly train your employees, then communicate transparently and quickly with your employees, your customers, your suppliers… And the story never ends, I assume that we will be attacked again. But we will face it even stronger.
