Security flaw and companies during containment
Today, it is an established fact, containment is a booster of cybercrime.
Indeed, who talks about confinement automatically speaks of telework. Who talks about telecommuting also speaks of remote access. Remote access that is unfortunately used, is misused when hackers manage to use them. And for this reason, hackers now have several vectors of computer attacks.
This article will also interest you: A serious security flaw on the GitHub platform unveiled by Google researchers
It should be noted that cybercrime has been very adaptable to the circumstances of the coronavirus pandemic.Indeed, unfortunately, the circumstances have evolved for companies in a rather exceptional way. Unfortunately, employees forced into telework are unable to separate their personal lives from their professional lives. In this way, several reprehensible behaviours have been observed. Behaviours that have led to the explosion of computer hacking, for all organizations. According to an analysis provided by Orange Cyber Defence, since March, computer attacks have literally tripled in number.
Despite the knowledge of phishing as a practice of cybermalence par excellence, computer scientists have managed to adapt to provide a new form in that can adapt to the situation of the coronavirus pandemic. Beyond everything, they succeeded in stealing data contained in computers sometimes personal but for professional use.
In addition, hackers are no longer just going through computers or servers. They now go much more through social networks. And this to adapt to the massive use of the cloud in the professional context. A use that continue to grow.
Going through social networks is more than necessary for hackers. Indeed, the teleworker now accesses his corporate server mostly through a VPN network. A protected network that prevents them from infiltrating. Such a situation is not acceptable to cyber-prisoners who necessarily want to take advantage of the situation. That is where the problem of social networks comes from. If the employee is protected by VPNs when he accesses his company's server, they cannot protect him from social networks. Connections that are mostly unprotected. As a result, hackers can do this in a variety of ways.For example, social engineering that has paid off against Twitter. There is also phishing, which remains the preferred practice of cyber criminals.
Apprehended in this respect, remote work, combined with the use of social networks, presents itself as a real danger to companies. Especially when you know that it only takes less than an hour for a hacker to be able to encrypt access to multiple desktops. In 24 hours, nearly a hundred jobs can be controlled by cyber criminals.
In a statistic published by Pierre Jacobs, the director of Orange Cyber Defence West,
– Nearly 86% of companies have suffered a computer attack that has taken root in social networks in the last 6 months
– 5% of targets in the past, have been caught by links produced by hackers in order to initiate phishing attacks
– 30% of targets have clicked on links in the last 10 years.
Today, the risk has increased. This is because cybercriminals are able to adapt much more easily than before. Their techniques are becoming more and more concrete.
In another study of small and medium-sized enterprises and mid-sized enterprises by Orange Cyber Defence, it was noted that:
– 95% of these organizations were confronted with phishing attempt, directly related to the workstation of their employees in telework mode
– 70% of these attempts have enabled cybercriminal access to companies' computer networks.
"In this time of pandemic, home Internet users face a psychological and social fragility that can cause them to click on a questionable link. To anticipate these attacks, cyber defence specialists such as Orange are developing solutions and offering support to companies. However, this technique must also be followed by an awareness that allows employees to make good use of computer science at home. "says the head of Orange Cyber Defence West.
Now access an unlimited number of passwords: