In the notary’s field, cyber malicious practices are now commonplace. Fraud, identity theft, theft of personal data… How do notary offices protect themselves against this scourge?
The legal profession is now also riding the digital wave.. Services are digitized, files are dematerialized, and signatures are electronic. So many means of access for hackers and cyber attackers.
The most frequent attacks are those directly targeting the websites of the notary offices. These cyber attacks by websites defacement aim to completely change its design. This results in a new configuration that is unusable by visitors and sometimes even by the website owners themselves. Thus, the site can become uniformly black , white or include messages, images, logos or videos unrelated to the initial purpose of the site, the notary’s office. It can go even further, a mention “owned” or “hacked” can appear to show that the site is no longer under the control of the original owner.
In order to commit their crimes, hackers exploit the uncorrected flaws of these websites. It is therefore important for notaries to apply security patches by updating their systems, software and browsers to avoid falling victim to these web criminals.
According to the official website cybermalveillance.gouv.fr: “during the attack, the site is often no longer usable, which can lead to direct losses of revenue and productivity.. Moreover, by being publicly visible, the defacement shows that the attacker was able to take control of the server, and therefore, potentially access sensitive data (personal, banking, commercial…): this directly harms the image and credibility of the owner of the site in the eyes of its users, customers, users, partners, shareholders, …“
Because of these increasingly frequent attacks, a special service has been created, the IC3 (Internet Crime Complaint Center). It is a multi-agency U.S. team composed of personnel from the Federal Bureau of Investigation (FBI),National White Collar Crime Center (NW3C) andBureau of Justice Assistance.
IC3’s primary mission is to serve as a platform for receiving and processing criminal complaints about cyber crime. IC3 provides complainants with a convenient and simple reporting mechanism to alert authorities of civil or criminal Internet violations they have experienced. IC3 notifies various law enforcement agencies of complaints.
In order to avoid using IC3 and thus becoming a victim of these cyber criminals and their malicious attacks, here are some preventative measures to take:
- Updates: regularly and systematically update the security of the operating system and software installed on your servers.
- Firewall: have a firewall that is carefully configured (close all unused ports)
- Log files: regularly consult these files of your firewall in order to detect any intrusion attempt, but alsothe logs of your exposed servers in order to identify suspect passwords in particular.
- Passwords:check that passwords are complex enough and change them regularly
- Awareness:make sure that users never give their access to a third party
- List of administrators:Do not keep an accessible list of the names of people with administrator rights on the server.
When the cybercriminal does not attack the website, it is the notary’s clients who are directly targeted.
The criminals particularly target the bank details of the clients, and this is not a coincidence. With this valuable information, they can recover an inheritance from a life insurance policy, for example.
Le village des notaires explains to us how they operate:
“ How do they do it? By social engineering techniques: the approach is made by telephone or by sending false documents, with the letterhead of notary offices. The cybercriminals announce the amount of capital involved in an inheritance, for example, and ask for a transfer to release it. The customers are invited to log on to the website of the notary’s office, to make payments or to transmit their bank details, … “
Now you know everything about cybersecurity and the different ways to protect yourself.
Do not hesitate tocontact usfor more information.