search
Where Thought Leaders go for Growth
Reference a solution

Cybercrime: examples and measures to protect sensitive projects

Cybercrime: examples and measures to protect sensitive projects

By Lionel Roux

Published: 29 October 2024

The pirates are back! But instead of roaming the oceans, they're now surfing the web and computer networks to attack businesses and administrations of all sizes and in all sectors. Do you really know what's at stake when it comes to IT security? Find out.

The Global State of Information Security Survey 2018 shows that in 2017, French companies lost an average of €2.25 million to cyber attacks, 50% more than in 2016. On average, French companies identified 4,550 incidents, or around 12 incidents per day relating to the security of information systems. This was despite an average investment of €4.3 million in security in 2017.

Cybercrime and its consequences (interruption of operations, loss of sensitive data, negative impact on product quality, even threats to human life) are generating ever greater financial losses for businesses. Today, securing IT systems is a priority issue for SMEs and large companies alike.

Find out about the different types of attack, examples of hacking and what measures you can take to reduce the risk of falling victim to cybercrime.

The different types of attack

There are conventional attacks, the most classic and common, which take advantage of employees' naivety.

Here are a few examples:

  • Extortion of funds,
  • Bank card fraud,
  • Commercial fraud,
  • Identity theft,
  • Breach of trust.

And technological attacks that exploit vulnerabilities in IT systems, including :

  • Installation of spyware or hacker programmes,
  • Theft, deterioration or destruction of information,
  • Intrusions.

Cybercriminals use a variety of techniques to achieve their ends.

1. Phishing

This fraud technique is very widespread (we all receive large quantities of spam every day) and aims to obtain confidential information such as customer bank details , employee IDs and passwords, etc.

To achieve this, the hackers send a fraudulent email impersonating a trusted person or organisation (a bank, a lawyer, a supplier, a customer, a public institution such as the tax authorities, etc.).

The email sent is often alarmist (payment urgently required, account closure, etc.) or positive (new order, exceptional discount, etc.).

The recipient is asked to update their details by clicking on a link that redirects them to a fake site. Once the person has filled in the form with the requested information, the cybercriminal retrieves it and uses it illegally.

Be careful: it is very difficult to tell the difference between an official email and a fraudulent one, as the latter are so carefully crafted.

2. Ransomware

Everyone is familiar with the principle of ransomware: someone is kidnapped or something of value is stolen and a sum of money has to be paid to get it back.

This is exactly the principle behind ransomware, malicious computer software that takes your data hostage.

To do this, the cybercriminal sends an email containing a booby-trapped attachment or link. By clicking on the link or downloading the file, all the data on the computer (office documents, videos, photos, etc.) is encrypted and access is blocked.

A ransom is then demanded, usually in bitcoin or a prepaid card to avoid any trace, in exchange for the decryption key.

According to the latest Euler Hermes-DFCG barometer, 22% of French companies fell victim to ransomware in 2016.

3. Virus attacks

When talking about computer viruses, it is important to distinguish between three categories:

    • Viruses : the virus spreads and damages your computers, files and software. Some viruses are more serious than others. Note that a virus may be present on a computer, but may not infect it if it has not been activated by human intervention (opening or running the programme containing the virus);

    • Worms: the purpose of a worm is to duplicate itself and spread from computer to computer, in particular by using networks. By multiplying, it uses up too much system memory and saturates web servers, network servers and individual computers, which cease to function. Unlike viruses, they do not need human intervention to spread;

  • Trojan horses: this is a destructive programme that opens a clandestine access door in a computer and allows malicious users to control it remotely in order to steal confidential data or use it for malicious purposes. Unlike a virus or worm, a Trojan horse does not reproduce itself.

Examples of cyber attacks

According to La Tribune, cyber attacks take a variety of forms and have a variety of objectives, including industrial espionage, attacks between competitors, extortion and fraud. Customer files hijacked and resold, production lines halted, data stolen (employees, customers, suppliers), blackmail...

The consequences can be numerous and disastrous.

Here are a few examples of cyber attacks that have caused a stir in recent years:

    • In September 2017, Netflix subscribers received a fraudulent email (phishing technique) inviting them to update their bank details, on pain of suspension of their subscription ;

    • In November 2017, nearly 60 million Uber user and driver accounts were hacked. The American company reportedly paid the hackers $100,000 in exchange for the destruction of the data collected and their silence, but there is no guarantee that the data was actually destroyed. Uber waited more than a year before revealing this massive hack, which the European Commission described as irresponsible;

  • During 2017, a wave of cyber attacks affected several companies, banks and hospitals in around 100 countries. In France, Renault, Saint-Gobain and SNCF were affected by this massive hacking using ransomware.

As well as causing considerable financial losses (compensation, loss of turnover, etc.), cyber attacks can damage your company's image and reputation, and have an impact on the trust placed in you by your customers, partners and suppliers.

How can you protect yourself?

Governments and businesses of all sizes and in all sectors can be targeted by hackers.

Some subcontractors may even be targeted with the aim of reaching the major group for which they work. So it's vital to protect yourself and take steps to minimise the risks.

To combat cybercrime, you need to consider these three elements:

Technology

Make sure you use secure software that attaches great importance to the protection and confidentiality of your data.

Equip yourself with anti-virus software that can detect and prevent viruses from penetrating your computer systems.

Finally, remember to update your software regularly (via their official updates).

People

You need to make your employees aware of the dangers of cybercrime, the potential forms of attack and their consequences.

You also need to train them in best practice and the behaviour to avoid in order to protect the company's security and confidentiality (e.g. not opening an email or downloading an attachment from an unknown recipient, etc.).

The ability to deal with a cyber attack

Your company must be prepared for the possibility of a cyber attack.

So if your company or local authority is targeted by cybercriminals, it must be able to limit the damage, bounce back and continue or resume its business as quickly as possible.

Wimi Armoured for managing your sensitive and confidential projects

Are you looking for collaborative working software that's efficient, user-friendly and secure?

Wimi Armoured is an easy-to-use, highly secure collaborative platform that lets you collaborate effectively on all your sensitive projects while ensuring absolute confidentiality (end-to-end data encryption) and protecting you from the risks of cybercrime.

To do this, the software centralises and secures all the digital data exchanged by the team to complete a project (documents, tasks, video/audio calls, project calendars, instant messages, etc.).

Wimi Armoured offers features that are essential for team productivity and data security, such as :

  • a collaborative space associated with each project ;
  • centralised access management with a reinforced authentication system;
  • end-to-end data encryption;
  • biometric authentication;
  • a high-performance interface that saves time and reduces the risk of circumvention;
  • monitoring and alerts if atypical flows or behaviour are detected.

Another major advantage is that your data is hosted in France, by an independent French company.

As well as being easy to learn and powerful, Wimi Armoured provides practical solutions to protect your business from the threats of cybercrime.

The expert contributors are authors who are independent of the appvizer editorial team. Their comments and positions are their own. Sponsored article.

Article translated from French