The massive outage that Google suffered across the world on Monday, December 14 “raises the question of the diversity of suppliers, so as not to be dependent on the availability of one of them”, according to cybersecurity expert Nicolas Arpagian. Guest of franceinfo, he declares that there is “not necessarily the key to hacking”. “A technical incident, a poorly controlled ramp-up or certain program updates” can, according to him, pose just as many difficulties. The author of “Cybersecurity”, at the Presses Universitaires de France (PUF), believes that this failure “points to dependence on the multitude of Google tools”.

franceinfo: Do ​​we know what exactly happened?

Advertisement

Nicolas Arpagian: No, it’s premature. The Alphabet company will likely communicate to provide explanations. There is not necessarily a hacking involved. It could be a technical problem, a poorly controlled ramp-up or some program updates that cause difficulties. On the other hand, it points to the dependence on the multitude of Google tools.

It is in fact the whole Alphabet family, the parent company of Google, which was concerned.

Nicolas Arpagian

Advertisement

to franceinfo

In addition to the well-known search engine, you have messaging, you have Google Home, that is to say the connected home which allows you to control the lighting, the cameras in the house, the thermostat, the music speakers. .. So, we can see that it’s a whole ecosystem. And that therefore raises the question of centralization within the same entity, even if it is decentralized as is Google. You have companies that have also put part of their business on file storage systems. And so, we can see that this raises the question of business continuity and the availability of information. Now everyone is looking to see if they have been able to restore and once again have access to their information heritage. This is one of the real issues. Hence the issue of diversity in suppliers, so as not to be dependent on the availability of one of them.

Do we need more regulations like the one that is shaping the European Union against monopoly situations as can be the case with Google?

Advertisement

In any case, consumers, beyond regulation, must understand the fact of technological centralism. This can obviously be an element of daily operational ease. But we can clearly see that if the latter fails or drastically changes its policy, this can become an element of fragility that would challenge or discuss the independence of the consumer and his ability to manage his assets as he wishes.

This incident is part of a series in recent days, with cyber attacks by the US government this Sunday and computer system attacks from some pharmaceutical companies. Nobody is therefore safe?

No, because it is a technological tool and obviously the more we digitize our activities, in the governmental sphere, in the economic sphere, or in the personal sphere, the more exposure to risk grows. This is why the question of data availability, integrity and confidentiality are really the three priorities of a digital deployment which, moreover, is completely beneficial and creates value. But we can see that there is this necessary confidence in the ability to keep information available. So far, in view of the mass of information it manages, Alphabet has managed to keep this commitment to availability, but indeed, for a few short hours, we have felt this fragility. This therefore raises the question of real equipment strategies in the choice of its partners. You may need to divide your risk by varying the nature of your suppliers so as not to be affected by the failure, even accidental or unintentional, of one of them.

Advertisement