search Where Thought Leaders go for Growth

Cybercrime: examples and measures to protect sensitive projects

Cybercrime: examples and measures to protect sensitive projects

By Lionel Roux

Published: October 29, 2024

The pirates are back! But instead of roaming the oceans, they're now surfing the web and computer networks to attack companies and administrations of all sizes and in all sectors. Do you really know what's at stake when it comes to IT security? Here's how.

The global study entitled "The Global State of Information Security Survey 2018" indicates that in 2017, French companies lost an average of €2.25 million to cyber attacks, 50% more than in 2016. On average, French companies identified 4,550 incidents, or around 12 incidents per day relating to information systems security. And this despite investing an average of €4.3 million in security in 2017.

Cybercrime and its consequences (interruption of operations, loss of sensitive data, negative impacts on product quality, even threats to human life) are generating ever greater financial losses for companies. Today, securing IT systems is a top priority for SMEs and large corporations alike.

Find out about the different types of attack, examples of hacking and the steps you can take to reduce the risk of falling victim to cybercrime.

The different types of attack

We distinguish between conventional attacks, the most classic and common, which take advantage of employees' naivety.

Here are a few examples:

  • Extortion of funds,
  • Credit card fraud,
  • Commercial fraud,
  • Identity theft,
  • breach of trust.

Technological attacks that exploit computer vulnerabilities, including :

  • Installation of spyware or hacker programs,
  • Theft, deterioration or destruction of information,
  • Intrusions.

Cybercriminals use a variety of techniques to achieve their goals.

1. Phishing

Phishing is a widespread fraud technique (we all receive large quantities of spam every day), designed to obtain confidential information such as customer bank details , employee IDs and passwords, etc. The aim of phishing is to steal a company's confidential information.

To achieve this, hackers send out a fraudulent email impersonating a trusted person or organization (a bank, lawyer, supplier, customer, public institution such as the tax authorities, etc.).

The email sent is often alarmist (urgent payment, account closure, etc.) or positive (new order, exceptional discount, etc.).

The recipient is invited to update their details by clicking on a link that redirects them to a fake site. Once the person has filled in the form with the requested information, the cybercriminal retrieves it and uses it illegally.

Be careful: it's very difficult to tell the difference between an official email and a fraudulent one, as the latter are so carefully crafted.

2. Ransomware

Everyone knows the principle of ransomware: a person is kidnapped or a valuable object is stolen, and to get it back, you have to pay a sum of money.

This is exactly the principle behind ransomware, a malicious computer program that takes your data hostage.

To do this, the cybercriminal sends an e-mail containing a booby-trapped attachment or link. Clicking on the link or downloading the file encrypts all data on the computer (office documents, videos, photos, etc.), blocking access to it.

A ransom is then demanded in exchange for the decryption key, usually in Bitcoin or a prepaid card to avoid any trace.

According to the latest Euler Hermes-DFCG barometer, 22% of French companies fell victim to ransomware in 2016.

3. Virus attacks

When talking about computer viruses, it's important to distinguish between three categories:

    • Viruses : the virus spreads and damages your computers, files and software. Some are more serious than others. Note that a virus may be present on a computer, but may not infect it if it has not been activated by human intervention (opening or executing the program containing the virus);

    • Worms: the purpose of a worm is to duplicate itself and spread from computer to computer, notably via networks. As they multiply, they use up too much system memory, saturating web servers, network servers and individual computers, which cease to function. Unlike a virus, it needs no human intervention to spread;

  • Trojans: these are destructive programs that open a clandestine access door into a computer, enabling malicious users to control it remotely in order to steal confidential data or use it for malicious purposes. Unlike viruses and worms, Trojans do not reproduce themselves.

Examples of cyberattacks

According to La Tribune, cyber-attacks take many forms and have many objectives, including industrial espionage, attacks between competitors, extortion and fraud. Customer files hijacked and resold, production lines stopped, data stolen (employees, customers, suppliers), blackmail...

The consequences can be numerous and disastrous.

Here are just a few examples of cyberattacks that have caused a stir in recent years:

    • In September 2017, Netflix subscribers received a fraudulent email (phishing technique) inviting them to update their banking information, on pain of suspension of their subscription ;

    • In November 2017, nearly 60 million Uber user accounts and drivers were hacked. The American company reportedly paid the hackers $100,000 in exchange for the destruction of the data collected and their silence, but there is no guarantee that the data was actually destroyed. Uber waited more than a year before disclosing this massive hack, which the European Commission described as irresponsible ;

  • During 2017, a wave of cyberattacks affected several companies, banks and hospitals in around 100 countries. In France, Renault, Saint-Gobain and SNCF were affected by this massive hack using ransomware.

In addition to considerable financial losses (compensation, drop in sales, etc.), cyber attacks can damage your company's image and reputation, and impact the trust placed in you by your customers, partners and suppliers.

How can you protect yourself?

Governments and companies of all sizes and in all sectors can be targeted by hackers.

Some subcontractors can even be targeted with the aim of reaching the large group they work for. So it's vital to protect yourself and take steps to minimize the risks.

To combat cybercrime, you need to consider these three elements:

Technology

Make sure you use secure software that places a high priority on data protection and confidentiality.

Equip yourself with anti-virus software, capable of detecting and preventing viruses from penetrating your computer systems.

Finally, remember to update your software regularly (via their official updates).

People

You need to make your staff aware of the dangers of cybercrime, potential forms of attack and their consequences.

You also need to train them in best practices and behaviors to be avoided to preserve the company's security and confidentiality (e.g. not opening an email or downloading an attachment from an unknown recipient, etc.).

The ability to cope with a cyber attack

Your company needs to be prepared for the possibility of a cyber attack.

So, if your company or local authority is targeted by cybercriminals, it must be able to limit the damage, bounce back and continue or resume its activity as quickly as possible.

Wimi Armoured to manage your sensitive and confidential projects

Are you looking for an efficient, ergonomic and secure collaborative software solution?

Wimi Armoured is an easy-to-use, highly secure collaborative platform that enables you to collaborate effectively on all your sensitive projects, while ensuring absolute confidentiality (end-to-end data encryption) and protecting you from the risks of cybercrime.

To achieve this, the software centralizes and secures all digital data exchanged by the team to complete a project (documents, tasks, video/audio calls, project calendars, instant messages, etc.).

Wimi Armoured offers features that are essential for team productivity and data security, such as :

  • a collaborative space associated with each project ;
  • centralized access management thanks to a reinforced authentication system;
  • end-to-end data encryption;
  • biometric authentication;
  • a high-performance interface that saves time and reduces the risk of circumvention;
  • control and alerts in the event of detection of atypical flows and behavior.

Another major advantage: your data is hosted in France, by an independent French company.

In addition to being easy to learn and use, Wimi Armoured offers concrete solutions to protect your company from the threats of cybercrime.

Expert contributors are authors independent of the appvizer editorial team. Their comments and positions are their own. Sponsored article.

Article translated from French