Discover ten types of common computer attacks, their impact on companies and tips to protect themselves!
Faced with sharply increasing cybercrime, many SMEs are now facing the same threats as large groups that are regularly victims of espionage, computer attacks or cyber fraud. We are talking about data theft, ransomware that encrypts the data and then decrypts it after payment of a ransom, scamming the president … In transport, the company’s commercial data is strategic while the sudden inefficiency management or planning software can bring the fleet to a standstill.
The risks in the event of failure or hacking of the information system are therefore major and accentuated by the digitization of the business. While it is very complicated to guard against cyber attacks, it is already useful to know how to identify them and to implement best practices in the company. Here are ten types of threats or computer attacks that can impact the information system and, behind, the activity.
Web or mobile applications
When they are not hosted by the company, they can be corrupted at the source. It is advisable to ask digital service providers about their security measures and to ensure that they regularly check the coding of their applications.
Phishing or phishing
It aims to collect confidential information (personal, banking, company passwords) while posing as a trusted third party. Hackers send fake SMS or emails that contain information forms on behalf of a recognized entity, institution or partner.
We talk of a scam to the president when the hacker pretends to be the manager of a company and claims, for example, accounting data from the administrative service. The simple advice: never fill out a form by email and contact the sender to check the validity of the message.
Ransomware or ransomware
Fashionably, it is used to encrypt and block access to the company’s computer system. Hackers take remote control of the system and demand a ransom to unlock it for example. According to telecom company Palo Alto Networks, the average amount of ransoms paid by companies almost tripled in 2020 (€ 96,832 in 2019 compared to € 262,761 in 2020).
Internal company source
It is not a direct cyber attack but the threat can sometimes come from former employees, subcontractors, temporary workers or even customers who, by malice or negligence, divulge passwords or IT processes. In addition to training staff in computer security, it tools exist for malware protection, access control and network flow monitoring which limit risks and detect flaws.
Connected object hacking
It can lead to situations of carjacking (road piracy) of autonomous vehicles that communicate with each other and with infrastructures. A hacker who infiltrates the system of an autonomous vehicle can take control remotely and divert the car from its original route. The entire automotive industry is currently addressing the issue of securing IoT communications for future vehicles.
The password attack
It aims to gain access to a user’s account by trying to find the password used to protect it using a decryption key or forcing technique. To protect against these attacks, it is recommended to force users to use strong passwords and not to reuse them. A password manager can help.
The denial of service (DDoS) attack
It makes the company’s internet network inoperative. Hackers use computers they have taken control of to flood corporate servers with traffic and deplete resources and bandwidth. Software is no longer able to process legitimate information flow.
Malware or malicious program
These are virus or worm type spyware. They are usually activated by clicking on a dangerous link or an attachment to an email.. Once installed the malware can secretly obtain information, block network access or even render the system unusable.
They occur when hackers interfere in a two-way transaction. Once hackers disrupt traffic, they can filter and steal data. For example, via unsecured public Wi-Fi access, hackers can insert themselves between a visitor’s equipment and the network and steal the data or install surveillance software without the victim’s knowledge.
Advanced Persistent Threat (APT)
It is a prolonged and targeted cyberattack, aimed more at monitoring activity and stealing data than causing damage. Monitoring incoming and outgoing network traffic can help prevent hackers from installing backdoors and extract sensitive data.
François-Xavier Combe, fEasyblue cyber insurance provider
Transport Info : Easyblue offers cyber insurance to very small businesses, what does it cover?
François-Xavier Combe: Our cyber assistance offer includes insurance to cover the costs of resolving a cyber attack and operating losses. It is marketed by monthly subscription between € 15 and € 45 per month with coverage up to € 50,000.
Via hotline partners and IT expert firms, we first resolve the customer’s failure and then cover the costs according to the damage. EasyBlue also supports companies in the mandatory declaration to partners and customers in the event of a cyber attack.
TI: Cybercrime is growing in SMEs, how to explain it?
F-X C : Since the global pandemic, attacks have multiplied both against large companies and government institutions, but also on small companies in all sectors. Teleworking and overnight use of software outside of the secure corporate framework has greatly increased the vulnerability of IT systems.
Faced with the giants who have the means to secure their systems and to cover themselves in the event of loss, hackers naturally turn to the smallest companies which become prime targets of ransom action and bank fraud through identity theft. for example.
TI: Can companies protect themselves?
F-X C : It is difficult to prevent a cyber attack, but we offer a guide to best practices that can be downloaded from the website as well as a cyber audit of companies. Lcyber insurance with business interruption and civil liability makes it possible to absorb direct economic losses without affecting the cash flow that we know to be fragile among carriers. This also makes it possible to avoid the indirect losses of image of seriousness and quality which the company often undergoes on behalf of its customers and partners.