With a growing cyberspace, and in particular because there are more and more connected objects, malicious actions are both more numerous and more sophisticated.
What is a cyberattack?
A cyberattack, or computer attack, is a deliberate and malicious action carried out by means of a computer network aimed at causing damage to information and to the people who process it. And everyone can be the target: individuals, companies, institutions, administrative services and health…
A cyberattack can be the act of a single person (hacker), a group of pirates, a criminal organization or even a State. Those computer attacks are facilitated by the growing amount of information put online and by security flaws in the systems.
To avoid risks as much as possible, human vigilance is essential and certain best practices should be adopted. First ? From strong passwords which do not contain any personal element (date of birth, children’s first names, etc.) and above all which are different for each site to which you connect. A password reused on several portals is more likely to be hacked and above all to have unfortunate consequences. It is also necessary to carry out regular updates of the software used. These updates aim to fill the security vulnerabilities detected by publishers and IT specialists.
The different types of cyber attack
Those malicious attacks to computing devices take many and varied forms. They can affect computers, tablets and smartphones. Without forgetting the servers as well as all the ancillary devices such as printers. And the motivations can be just as multiple:
- spying with the installation of spy programs or malware ;
- sabotage by means of an organized and widespread breakdown (in hospitals for example);
- ransom demand in exchange for a key encryption to unlock data that has been encrypted. We also dedicated a article entirely dedicated to ransomware ;
- data theft or identity theft;
- discrediting of a company or organization;
- attack by denied service which consists of disrupting or flooding the network in order to make it unavailable;
- phishing (also called phishing), a fraud intended to encourage Internet users to communicate data such as bank details, for example by displaying a fake site;
- brute force attack. In practice, hackers find a password by successively testing all possible combinations until they find the right one. Hence the importance of regularly changing important passwords.
In the event of a proven attack, it is advisable to react urgently and to check that proper functioning is restored. In business, the role of cybersecurity analysis is emerging. This professional, who can train in cybersecurity to learn how to thwart computer attacks often adopts a risk-based approach to implement the security strategy of the companies for which he works. In other words, it is a question of finding the possible faults and of establishing processes in adequacy.
Famous cyberattacks
1999: Melissa. This virus infecting email attachments Microsoft and spreading via the address book reportedly caused $385 million in damages. It is the work of a hacker named David Smith who was sentenced to 20 months in prison.
2010: Stuxnet. This virus affecting Windows systems has neutralized the centrifuges of the enrichment site ofuranium from Natanz in Iran. Stuxnet was the first malware to use the computer weapon against a state. The Israeli secret services would be behind this cyberattack.
2013: Yahoo. Victim of a gigantic hack in August 2013, Yahoo sees its 3 billion accounts affected, the largest data theft in history. Although no passwords or bank details were stolen, Yahoo was heavily criticized for revealing the hack only three years later.
2012: Shamoon. This malware crippled oil company Saudi Aramco for 15 days in August 2012. The virus again targeted several Saudi oil companies and government agencies in 2017. Iran is suspected.
2014: Sony Pictures. The hackers, calling themselves the Guardian of Peace, threatened the company with revealing sensitive information if the company did not access their queries. Five films were then leaked on Internet. The attack has been attributed to North Korea, which allegedly wanted revenge on a film caricatured dictator Kim Jong-un.
2016: Mirai. This attack transforms computers linux into remotely controlled bots, then forming an immense botnet used in particular to carry out denial of service (DDoS) attacks. The attack notably targeted the company Dyn, paralyzing many sites and services (Twitter, PayPal, AirBnB or netflix).
2017: WannaCry. This ransomware-type malware affected more than 300,000 computers in 150 countries in 2017. It exploits a Windows security flaw through contaminated attachments. It would be the work of a group of North Korean or Chinese hackers.
2017: NotPetya. This ransomware-type program causing a global cyberattack targets the same flaw as WannaCry. It paralyzed several large companies like Saint-Gobain or Auchan as well as the SNCF or the Kiev metro. NotPetya would be the costliest computer attack of all time ($10 billion).
2020: Easyjet. That year, the airline was targeted by a sophisticated attack that made it possible to steal the data of no less than… 9 million customers. Email addresses, travel details and some payment card details were stolen by hackers.
2021: Arles hospital. The Bouches-du-Rhône hospital center was the target of the Vice Society hacker group, which considerably slowed down the operation of the establishment. By demanding a ransom, the criminals paralyzed the workstations and encrypted numerous data belonging to the patients.
Interested in what you just read?