🚀 Think you’ve got what it takes for a career in Data? Find out in just one minute!

Cyberattacks: Definition and modus operandi

-
4
 m de lecture
-
Cyber attacks refer to malicious attempts by individuals or organizations to compromise the confidentiality, integrity, or availability

One morning, users turn on their computers and discover that access is blocked... The website is down and no transactions can be recorded. Many companies have experienced this disaster scenario. What are cyber attacks and how can you do your best to avoid them?

Ask CEOs in the major democracies: “What is the main threat to your business today?”

Chances are they will say that the number one risk is a cyber attack. These are the findings of a study conducted by Forrester Consulting and covering the year 2022.

The survey was conducted in France, the United States, the United Kingdom and Germany, as well as in Belgium, Spain, the Netherlands and the Republic of Ireland. According to the study, 52% of French companies surveyed suffered at least one cyber attack in 2021, making France the second most affected country in Europe.

Attack on the computer system

We might as well face the facts: cyber attacks have become formidable.

What do we mean by this term? Various types of action aimed at a company’s computer system, from rendering it inoperable for a short or long period to diverting users to counterfeit sites.

The hacker’s motivation is often financial: by denying access to a company’s computer system, he can demand a ransom.

Other attacks are more simply aimed at exploiting the credulity of certain users.

Major cyber attacks

Cyber attacks can take many different forms. However, the main ones are as follows.

Ransomware

This type of attack is the most feared of all. A ransomware attacker scrambles the contents of computers using a ‘key’ (a complex sequence of numbers) known only to the hacker.

The hacker then demands payment of a ransom, usually in Bitcoin, as a condition for returning the data.

Virus

Viruses are more traditional malware. They are small programs that infect one or more software programs.

They come into action at a given moment and can slow down the operation of a computer or delete or scramble the contents of files.

Phishing

Viruses are more traditional malware. They are small programs that infect one or more software programs. They come into action at a given moment and can slow down the operation of a computer or delete or scramble the contents of files.

Some infamous cyber attacks

The phenomenon of malware dates back to the late 80s, but it gained momentum with the advent of the Internet. In March 1999, Melissa appeared, a virus concealed in an e-mail message.

It accessed the user’s address book and resent the message to 50 correspondents. Believing the email to be from a friend, they would open it and send it back, setting off a chain reaction. Within a week, six million computers were infected.

Based on the same model, I love you (May 2000) was long considered to be the virus that caused the most damage. Internet users received a mysterious love letter, which they had to open by clicking on the attachment.

The virus immediately scanned the user’s address book and sent the same infected love letter to each person in the address book. Because of the chain reaction, I love you affected 10% of computers connected to the Internet – including institutions such as the CIA and the FBI.

The most costly virus was NotPetya (2017), which spread via an update to financial software, MeDoc. The damage it caused was estimated at $10 billion in damages. Saint Gobain was one of the groups hit hard by NotPetya.

More recently, the phenomenon that has hit many companies has been ransomware. The developers of Wannacry combined the flaw in a program developed by the NSA (US intelligence agency) with self-replicating software. In spring 2017, Wannacry spread to more than 150 countries.

It affected factories, which had to suspend production, but also hospitals, temporarily unable to use their medical equipment. Wannacry hit Renault via a subsidiary based in Slovenia. And Fleury Michon saw its IT system blocked for five days. The consequences were more serious for smaller companies: an SME selling spare parts in Clermont was forced to close down following a ransomware attack.

A few precautions to take

How can you protect yourself against cyber attacks? As far as the IT department is concerned, it is crucial to carry out ultra-regular, encrypted data updates so as to be able to restore the company’s files to the most up-to-date state possible at any time.

In addition, a number of protection systems have recently been introduced, and it is essential to adopt one or more of them.

  • The first is two-factor authentication, which requires users to enter a code received on their mobile phone whenever they log on from an unusual device.
  • Specialised software such as Malwarebytes can analyse the slightest intrusion into a system and eliminate it.
  • In the same vein, the best recent anti-virus programs use the so-called “EDR” approach: they analyse dubious software behaviour rather than simply looking for virus “signatures” (specific code).
  • A ‘safe’ service such as Dashlane creates ultra-secure access passwords and manages them automatically.
  • Some advocate the use of security USB keys, such as Google’s Titan, which incorporates a hardware chip and firmware capable of performing a cryptographic calculation to uniquely identify each user.
  • Biometrics (recognition of physical attributes such as fingerprints or faces) is another type of tool that can protect computers.
    etc.

The major risk comes from the uninformed user

It turns out that the number one risk faced by most businesses is linked to the negligence of certain users.

A large number of people are capable of being fooled by spurious offers received in their email.

It is important to teach them never to click on an attachment or website address without first checking that the sender is known and genuine.

It is also important to teach them how to design their passwords properly, as this is a huge Achilles heel. Every year, Splashdata publishes a list of the 25 most frequently used passwords. What emerges is that the majority of Internet users use very easy-to-identify passwords, such as the number one of the lot: “123456” or “iloveyou”. The code “123456” has even topped the rankings for almost 10 consecutive years. If anyone wanted to make the hackers’ job easier, they couldn’t do better.

There are many other protective measures that can be taught, such as avoiding using a company computer on a public Wi-Fi network, such as that in a café.

Let’s not forget one point: it is crucial to train everyone who uses a computer in the basic principles of cybersecurity.

Facebook
Twitter
LinkedIn

DataScientest News

Sign up for our Newsletter to receive our guides, tutorials, events, and the latest news directly in your inbox.

You are not available?

Leave us your e-mail, so that we can send you your new articles when they are published!
icon newsletter

DataNews

Get monthly insider insights from experts directly in your mailbox