Cybercriminals have a variety of profiles and motivations that go beyond simple amusement. Cyber attacks” were often a way to test the robustness of protections by providing an unparalleled playground for exploration and skill development. Even if there are still hackers whose only hobby is to outdo themselves, cyberspace has turned into a gigantic territory for organized cybercrime.
Despite the increasing complexity of the digital ecosystem, cybercriminals have managed to develop equally complex attack techniques, adapting to new defenses and becoming more ingenious in their approach. As cyber attacks develop at a rapid pace, and their effectiveness increases, it has become essential to analyze and understand the methods and mechanisms by which cybercriminals are able to harm businesses. This analysis allows us to anticipate threats and their impacts. While some attacks are very sophisticated, many are fairly standard, and can be thwarted by applying some basic principles.
What are the preferred attacks by hackers on companies?
As the Internet and its ecosystem have evolved, different attack methods have been developed by exploiting vulnerabilities in information systems. In fact, according to a study conducted by the University of Maryland, a cyber attack occurs approximately every 39 seconds.
Among the most common attacks, we have selected the following, which alone concentrate the majority of security events:
- Phishing
Phishing is the most common method of attack. Simple and effective, this method generally consists of attracting the target’s attention by sending him an e-mail containing the virus and inciting the victim to click on a link or an attached file so that the hacker can have access to the machine’s information and perpetrate the malicious act. These emails are often addressed to employees, vulnerable and unaware targets, in order to execute more advanced actions such as the deployment of remote control tools, ransomware or even spying mechanisms. In 2020, Google announced that it had identified more than 2 million phishing sites during the process of indexing websites on its search engine. These links to phishing sites are frequently distributed through phishing email campaigns. According to research conducted by the Tessian Group, 96% of phishing attacks are carried out by email.
- Ransomware
Ransomware is malicious software that encrypts and steals valuable information for its owner or locks up a company’s computer assets. A ransom is then paid to the victim organization, under threat of disclosure or destruction of the information. Approximately 62% of companies have already been targeted by ransomware (Source: 2020 Cyberthreat Defense Report, CyberEdge Group, LLC) . Although we see a downward trend compared to other types of attacks (such as phishing), ransomware remains dangerous and among the most active threats. What makes it so dangerous is the considerable downtime that ransomware can cause for a company. Their success is mainly due to the increasing number of ransom payments from victims, which accounts for more than half of the attacks perpetrated.
According to the ANSSI, companies have seen a 255% increase in the number of ransomware attacks that could be detected (between 2019 and 2020).
- Internal Fraud
The number of cyber attacks from internal employees has been on the rise over the past two years. In fact, according to the 2021 Insider Threat Report by Cybersecurity Insiders, 57% of companies are noticing an increase in the number of cyberattacks internal to their organization. Internal fraud consists primarily of embezzlement, sharing of prohibited content, and other actions that are against the law or against the security policy of an organization.
- DDoS (Distributed Denial of Service) attacks
Distributed Denial of Service (DDoS) attacks are complex attacks that jeopardize the availability of online servers and services. They are performed by sending a large number of requests to the network or to the targeted resource. This attack mainly targets online services such as e-commerce sites in order to blackmail or harm competitors. Due to the health situation, in 2020, the ATLAS Security Engineering and Response Team (ASERT) was able to identify about 10 million DDoS attacks, 1.6 million more than the previous year and the trend is still rising(15.4 million in 2023 according to CISCO).
- President’s Scam and Whaling
The president scam is a method increasingly used in the computer world to obtain money. The hacker poses as an executive member of the target organization and gains the trust of the targeted individuals through various exchanges and then requests unscheduled transfers to international accounts. A variant exploits the same spring, but with a broader target where the attacker is not limited to the CEO, but to all senior executives within a company).
How do they manage to get around certain barriers?
Despite companies’ gradual awareness of the pressing threat of cyberattacks, hackers manage to circumvent the security barriers put in place by organizations. Indeed, these criminals arm themselves with patience, study, follow-up and continuous acquisition of knowledge to achieve their ends. In addition, the digital environment provides a very good context for them to be discreet and not detect anything until it is too late for the target.
To bypass the defensive barriers of companies, two options are available to cyber hackers:
- Either, they use the internal collaborators in companies (by sending them malicious software by phishing methods in particular and by using specific techniques such as social engineering)
- Either by detecting vulnerabilities/exploits present on corporate IT assets (caused by rapidly advancing technologies and poor security configurations often due to human error)
In the current environment we are in since 2020, Covid-19 has forced companies to adapt to new ways of working, which has had the effect of highlighting some weaknesses in the arrangements. Vigilance is also down during this period. Telecommuting brings with it its own set of constraints by fostering an environment conducive to cyberattacks. At Orange Cyberdefense, cyberattacks increased by about 25% during containment. Attackers exploit these moments of decreased vigilance to organize and conduct large-scale attacks.
Article written by: exodata.
