Cyber attacks

Cyber attack: how to prevent the risk and protect your data?

Cyber attacks on organizations are becoming more and more frequent, especially since the Covid-19 pandemic. They are also becoming more difficult to control, especially for SMEs, due to higher network use and weak cyber security systems.

Published on 25 June 2021 (Updated on 27 July 2022)

What is a cyber attack: causes and consequences

You have probably heard about the ransomware attack on Ireland's healthcare system in May 2021.

This kind of attack on public health systems is becoming more and more frequent. The idea is simple: intruders access data stored on central servers and then demand a ransom to restore it for you.

Definition: Cyber attack

A cyber attack is an attempt by a malicious individual or organization to breach the system of another individual or organization. The purpose of an attack is to make a profit from intruding on others' information.

A cyber attack is like a virus: it finds its way onto a device by exploiting a security loophole in vulnerable software, or by tricking somebody into installing it.

It can be, for instance:

  • introducing malware into a system (in order to damage or steal data)
  • disabling computers
  • shutting down systems
  • using a breached computer as a launch point for other attacks

What are the different types of cyberattacks?

The increase of different types of cyberattacks is becoming more problematic as hackers start to mix them together. Therefore, identifying and fighting against cybercrime is becoming increasingly difficult.

Some of the common types of cyberattacks are:

  • Phishing: sending emails that appear to come from a trusted source to steal sensitive data such as passwords, user information or credit card details
  • Malware: all types of malicious software such as viruses, worms, ransomware
  • Man-in-the-middle (MitM): an eavesdropping attack where the hackers insert themselves between two parties and use someone else's device as a source
  • Structured Query Language (SQL) injection: insertion of malicious code into a SQL database which can reveal, modify or delete data
  • Zero-day exploit: hackers exploit an issue that has been announced to the public but has not yet been solved
  • DNS tunneling: hackers exploit DNS traffic to carry out malicious activities
  • Denial-of-Service (DoS) attack: the hackers seek to disrupt the traffic of a device or network, temporarily or indefinitely

The objectives of the attacks are:

  • Espionage
  • Sabotage
  • Extortion
  • Reputational damage

A step-by-step guide of what happens during a cyber attack

To understand how to mitigate a cyberattack, you need to know its different stages. Let's take the example of a company that is the victim of a data theft attempt:

  1. First, the hacker finds a loophole in the computing system. He/she can, for example, access the email box of a staff member who is not very careful in choosing the password. The hacker can also seize a stolen business device, or exploit any other breach in an application, a server, or a network. The hacker uses this to infiltrate the information system and install malicious software. He/she can remain in this position for months as an observer, without attacking.
  2. Then the malware will explore the victim's computer network in search of other exploitable computer security flaws. It can connect to a botnet, or a network of hacking bots, to expand its malicious code and strengthen its areas of action. By opening multiple access points, the hacker will then have a lot more chances of success in case the attack is detected.
  3. Finally, the hacker can infiltrate the computer network and seize confidential data and thereafter encrypt it to demand a ransom.
  4. If the cyberattack has not been detected during the data theft process, the hacker can remain for months without revealing themselves. They may even return to the computer network to steal more information. The potential negative consequences for the company then increase.

Who is targeted by cyber threats?

A famous example of this kind of cyber attack is the Internet Research Agency (IRA). This Russian company created hundreds of fake accounts on social networks, aiming to discredit the candidacy of Hillary Clinton, in favour of Donald Trump (Source: What We Know About How Russia’s Internet Research Agency Meddled in the 2016 Election, 2018).

The State of the Phish 2020 report by Proofpoint shows that 75% of companies adopted a new telecommuting model in 2020, but only 39% of those have trained their employees on IT security. Yet companies' weaknesses in the face of cybercrime are primarily related to human vulnerabilities.

The Verizon 2019 study shows that 43% of companies affected by cyber attacks are SMEs, a statistic that has logically increased since remote work started to boom with the COVID-19 pandemic. Moreover, another survey underlines that 41% of VSEs have already undergone this type of online hacking.

According to an article from LIFARS, a cybersecurity company, IBM estimates that a company takes an average of 280 days to detect and contain a data breach and get back to normal activity. IBM’s report also claims that by reducing this response time to 200 days, a company could save $1 million in costs.

What could the consequences of a cyber attack be?

The results from a cyberattack depend on the category of cybercrime experienced.

  • DDoS attacks can result in a website being blocked and therefore a loss of natural traffic, or even reputational damage.
  • Theft of industrial property and extortion of confidential data impact the company financially but also damage its reputation. It might also result in penalties due to a violation of the General Data Protection Regulation (GDPR).
  • CEO fraud and other email abuse such as Business Email Compromise (BEC) result in heavy financial losses.
  • Computer system infiltrations and other access breaches slow or stop ongoing operations.
  • Cyber crisis management can be costly, especially due to the recovery of extorted or corrupted data.
  • All these consequences can lead to a financial devaluation of the company.
  • Moreover, insurance companies sometimes take advantage of the attack to increase their rates.

How to protect yourself from cyber attacks?

To protect your company from cyberattacks, a multilayered end-to-end cyber security architecture is important.

Below are some actions you can take to protect yourself from cyberattacks:

  • Have your cybersecurity audited.
  • Protect yourself with an antivirus, a firewall, a bot manager, or even a Security Information and Event Management (SIEM) system adapted to the vulnerabilities identified by the audit.
  • Train employees and management staff on the human vulnerabilities that are a breeding ground for cybercriminals, using an IT charter or best practices guide.
  • Insist on the importance of strong passwords of more than 8 characters, to be updated regularly.
  • Have a crisis management plan in case of a security breach.
  • Leave it to the IT department to secure equipment and backups of sensitive data in a closed room with limited access.
  • Make regular backups of your confidential data in order to keep a usable version in case of a cyberattack.

3 questions about cyber attacks

A cyber attack is a harmful action against a computer system. It can target individuals as well as public or private organizations. The hacker could also be an individual or an organization.

Some of the most common cyber attacks these days are: Distributed Denial-of-Service (DDoS) attacks, phishing, malware attacks, and Man-in-the-Middle (MitM) attacks.

Cybersecurity consists of a set of measures to protect computer systems: servers, computers, equipment, networks, files, messages. It is also called Information Systems Security, or InfoSec. It helps to protect not only the network and computers but also users.