Cyberattacks on organisations are becoming more and more frequent, especially since the COVID-19 pandemic. They are becoming increasingly difficult to control, too, especially for SMEs, due to their higher reliance on open networks and weak cybersecurity systems.
You have probably heard about the ransomware attack on Ireland's healthcare system in May 2021.
This kind of attack on public health agencies is growing more frequent. The idea is simple: intruders access data stored on central servers and block your access, then demand a ransom to hand it back to you.
A cyberattack is an attempt by a malicious individual or organisation, to breach the system of another individual or organisation. The purpose of such an attack is to make a profit from intruding on others' information.
A cyberattack is like a virus, it finds its way onto a device by exploiting a security flaw in vulnerable software, or by tricking somebody into installing it.
For instance, a cyberattack can include:
The rise of different types of cyberattacks is becoming more problematic as hackers start to combine techniques, making it increasingly difficult to identify and fight against cybercrime.
Some of the common types of cyberattacks are:
Objectives of cyberattacks can be:
To understand how to mitigate a cyberattack, you need to understand the different stages involved. Let's take the example of a company that falls victim to a data theft attempt:
1 / First, the hacker finds a loophole in the computing system. They could, for example, access the email account of a staff member who has not chosen a very secure password. The hacker can also seize a stolen business device, or exploit any other breach in an application, server, or network.
The hacker uses this to infiltrate the IT system and install malicious software. They can remain in this position for months as an observer, without attacking.
2 / Then, the malware will explore the victim's computer network in search of other exploitable computer security flaws. It can connect to a botnet (a network of hacking bots) to expand its malicious code and strengthen its areas of action.
By opening multiple access points, the hacker will then have a higher chance of success if the attack is detected.
3 / Finally, the hacker can infiltrate the computer network and seize confidential data, thereafter encrypting it to demand a ransom.
4 / If, during the data theft process, the cyberattack has not been detected, the hacker can remain in the system for months without revealing themselves. They may even return to the computer network to steal more information. The potential negative consequences for the company are virtually limitless.
A famous example of this kind of cyberattack is the Internet Research Agency (IRA). Among other things, this Russian organisation created hundreds of fake accounts on social networks aiming to discredit the candidacy of Hillary Clinton in favour of Donald Trump (Source: What We Know About How Russia’s Internet Research Agency Meddled in the 2016 Election, 2018).
The State of the Phish 2020 report by Proofpoint shows that 75% of companies installed a new working-from-home model in 2020, yet only 39% of those have trained their employees on IT security. It is important to note that company weaknesses in the face of cybercrime are primarily related to human vulnerabilities.
The Verizon 2019 study shows that 43% of companies affected by cyberattacks are SMEs, a statistic that has logically increased since remote work started to boom with the COVID-19 pandemic. Moreover, another survey underlines that 41% of VSEs have already experienced this type of online hacking.
According to an article by cybersecurity company LIFARS, IBM estimates that a company takes an average of 280 days to detect and contain a data breach, and return to normal activity. IBM’s report also claims that by reducing this response time to 200 days, a company could save $1 million in costs.
Fallouts from cyberattacks depend on the category of cybercrime experienced.
DDoS attacks can mean a website becomes unavailable for long periods of time, therefore resulting in a loss of natural traffic or even reputational damage.
Theft of industrial property and extortion of confidential data impact the company financially and also damage its reputation. It could also potentially result in penalties due to a violation of the General Data Protection Regulation (GDPR).
CEO fraud and other email misuse such as Business Email Compromises (BEC) result in heavy financial losses.
Computer system infiltrations and other access breaches slow down or completely stop ongoing operations.
Cyber crisis management can be costly, especially due to the recovery of extorted or corrupted data.
All these consequences can lead to a financial devaluation of the company.
What’s more, insurance companies sometimes take advantage of the attack to increase their rates.
A multilayered end-to-end cybersecurity architecture is essential for protecting your company from cyberattacks.
Below are some actions you can take to protect yourself from cyberattacks:
A cyberattack is when harmful action is carried out against a computer system. It can target individuals as well as public or private sector organisations. The hacker can be an individual or an organisation.
Some of the most common modern cyberattacks are: Denial-of-Service (DDoS) attacks, phishing, malware attacks, and man-in-the-middle (MitM) attacks.
Cybersecurity consists of a set of measures to protect computer systems: servers, computers, equipment, networks, files, and messages. It is also called Information Systems Security, InfoSec. The system helps to protect the network, its computers, and also its users.
related to cybersecurity and cyber risk quantification (CRQ)