The pandemic has closed the corporate door to employees, but at the same time it has opened up half of their information systems to cybercriminals who have already been well helped by digital transformation. To estimate the magnitude of the phenomenon: the damage caused by cybercrime is equivalent to 3y The global economy behind the United States and China!
For companies and organizations, cyberattacks can sometimes have severe consequences. In addition to the direct effects (loss of business and activity, ransom demand, etc.), the indirect repercussions (damage to brand image with customers, partners and suppliers, depreciation of the stock market, etc.) are also severe penalties. It is not uncommon for a cyberattack to be followed by a business bankruptcy in the following months.
In the face of this ubiquitous cyber threat, all companies are not created equal: they do not have the same cyber maturity and the management team has not necessarily taken the full measure of risk.
While the number of ransomware identified by ANSSI has reached a very high level in recent years, SMEs and ETIs are among the most attacked organizations. While 86% of managers say they are sensitive to cyber risks, only 44% of ETIs make cyber security an investment priority. 80% of business leaders consider their company to be in good shape, even fully protected…but the operational reality is more nuanced!
Hacked image in 6 points:
1 – Cybercriminals Organization : As a cybercriminal, he does not act alone. It belongs to a structured, hierarchical organization with many specialized “collaborators”. Within this ecosystem, everyone has a mission with a common goal: to extract and utilize information!
2 – task sheet The role of the hacker is to successfully penetrate and corrupt the information system. Its goals are varied: ransomware, resale of data to interested third parties or directly to funds, and so on.
3 – Targeting How would he proceed to hack the information system? As simple as a thief: by scanning the infrastructure to find an open door or poorly closed window. And if the infrastructure is strong enough to avoid direct bargaining, he will attack the collaborators.
4 – Attack: Two scenarios arise:
- Automated bots scan our information systems to find security vulnerabilities that hackers then exploit
- Hacker performs targeted analysis on “potential account”
Once a breach is discovered, the cybercriminal simply gains a foothold in their victim’s information system in order to prepare to compromise.
5 – Compromise: Enough ! Conveniently wedged into his victim, the hacker will be able to capitalize on his efforts.
Depending on the motives that prompted him to act, his plan of action will differ:
- Either he is embezzling money
- It is either reselling sensitive or personal information to the highest bidder on the dark web
- Either it deposits ransomware in the system and demands a ransom to provide the decryption key
6- Extortion: Most of the time, he gets paid in cryptocurrency on the dark web: it’s anonymous, fast, and easy to use. For the police, these money movements are nearly impossible to follow and the few traces left are only temporary. Favorite currency? Bitcoin, of course! According to Marsh, Bitcoins account for nearly 98% of payments in ransomware extortion cases.
Are you ready to get into the hacker’s head? Download the black book
The Tribune is written by Cyrille Duvivier, Prodware’s Chief Security and Cyber Practice
<< اقرأ أيضًا: اخترق أحد المتطفلين أوبر >>>