Cyber attacks date back as far as the Internet itself. However, the first major cyber attack took place in 1988. Since then, malicious software has continued to evolve and multiply, so much so that the risk has become real for companies of all sizes (very small businesses are often the most targeted). Today, 57% of cyber attacks have negative consequences, including production disruptions, website unavailability, loss of revenue or even business interruption. Although cyber attacks sometimes share similarities, it has become necessary to know them in order to fight them better, which is a major challenge for the cybersecurity of companies.
Cyber attacks: phishing, spear phishing and botnets
Phishing and spear phishing are among the most common cyber attacks. Indeed, this threat affected 79% of hacked companies in 2019, according to a CESIN study. According to the ANSSI agency, "phishing aims to obtain from the recipient of a legitimate-looking email that he transmits his bank details or login credentials to financial services, in order to steal money".
While phishing is an attack sent to a large mass of recipients, spear phishing is a targeted attack. To protect yourself, it is advisable to be critical and to analyze your e-mails. The easiest way to do this is to move the mouse cursor over a link before clicking, to check its authenticity. Similarly, it is recommended to check that the URL starts with "https" on online shopping sites. Adding anti-spam filters to your inbox and to your web browser can also be effective against phishing. Finally, it is possible to use a sandbox environment that simulates the opening of a potentially dangerous attachment or link.
The president scam, or fake money order scam (FOVI), affected 47% of companies attacked in 2019. It consists of impersonating an executive or other trusted contact (CEO, CTO, supervisor, supplier…) to obtain a wire transfer. In 5 years, 2,300 complaints of this type have been recorded by the Ministry of the Interior. In March 2018, the Pathé group lost more than 19 million euros because of this fraud. To avoid falling into this trap, it is recommended to raise awareness among your employees.
A botnet (or zombie army) refers to a network of computers infected with malware.
Botnets are used to send viruses, steal data or perform DoS attacks. To do this, attackers use drive-by downloads and e-mail. The most famous botnets are Kelihos, Conficker, Zeus, Waledac and Mariposa. To counter them, it is recommended to apply security updates regularly or to use RFC 3704 filtering.
Cyber attacks: malware, rootkits and DoS
Malware is both vicious and abundant. It can record data without a user's knowledge (spyware), hold files hostage (ransomware) or hide in legitimate-looking software (Trojan horse). Among the most famous malware is Stuxnet, used in 2010 against a centrifuge at the Natanz uranium enrichment site in Iran. There is also Triton, a malware directed against the Petro Rabigh company in Saudi Arabia, which could have had disastrous environmental consequences if it had not been stopped in time.
Rootkits or exploit kits allow hackers to access the administrator account of a machine. Thanks to them, it is easy to gain administrator privileges. This sneaky method can also be used to hide other malware on a device. Once in control of the operating system, the hacker can use its functions remotely. Some rootkits can even alter the security settings of a machine, which makes them even more difficult to detect.
Distributed Denial of Service (DDoS) is a cyber attack that can paralyze a website. The principle is simple: the attacker floods the site with traffic until it malfunctions. The service then becomes unavailable, which can cause severe financial losses and damage the company's image. This cyber attack is indeed public, and can therefore be noticed by the company's suppliers, customers, partners and prospects. It is therefore advisable to be careful and to protect yourself with a firewall and complex passwords.
To limit the risks of cyber attacks, it has become essential to be more vigilant with regard to one's computer network, USB keys, the web, applications, Wi-Fi, connected objects, suppliers and partners. Each of them can be, in its own way, a vector for a cyber attack. An effective cybersecurity method consists of equipping oneself with detection probes. Gatewatcher now offers its Trackwatch solution, which analyzes network flows to detect advanced threats.