Telework and cybersecurity

It has been more than a month since the general containment was announced by the French government.

To address the problem of such a government decision, several companies have decided to turn to remote work.

This article will also interest you: Confinement and Cybersecurity: RSSI and companies are concerned

Today in France there are nearly 8 million teleworkers. Such a situation, although necessary, presents a great deal of risk in some respects. Indeed, telework is increasingly exposing companies to cyber criminals. Because they are forced to offer their networks under certain conditions to facilitate remote work. Since then, there has been a sharp increase in cyber-attacks and repeated intrusion attempts. Hackers are on the rise. Knowing that employees and all those involved in this kind of system are not always disciplined, disasters is never far away. So one wonders how to ensure a stable and safe position towards telework and to remain in this system until the end of the Confinement. How can we protect ourselves from the relentless attacks of cyber-prisoners?

The first step is to accept a very clear logic in the field of computer security. No company, no public or private structure is safe from cyber criminals. There is no 100% protection when it comes to cybersecurity. Cybersecurity and ICT consultant Régis Le Guennec noted: "No company is 100% protected." However, it clarifies another reality. If no company is 100% protected from cybercrime, this does not exclude the fact that companies do not have the same level of security.Because there's a ladder. "There is a lag. Large companies have already put resources in place to protect themselves when some small and medium-sized enterprises (SMEs) are just aware of the risks associated with cyber attacks. ».Noted the expert. He later added: "In this area, there is no risk 0, no company is 100% protected. But resources must be deployed in order to get as close as possible to these 100%, by adopting good practices and raising awareness among employees. ».

On the other hand, it would be appropriate to consider how cybercriminals work. How can they go from phishing to ransomware? How do they manage to organize themselves? on this question, experts have always maintained that hackers have a well-defined process in relation to their objective. However, "The most common cyberattacks are phishing, ransomware and service blocking. explains Régis Le Guennec. While phishing is designed to trick users into stealing important information, the ransomware attack takes a computer system hostage to demand a ransom payment from system officials. "Often the hacker sends a message with an attachment, which, when clicked on it, accesses your hard drive to encrypt it. Then you receive another message in which you are asked to pay such a sum to decrypt your hard drive, or risk losing your data. stresses the expert.

The risks associated with cyber-attacks are diverse. They vary depending on the scope of the attack, the means used by cyber criminals and their objectives. Therefore, a computer attack initiated for the purpose of spying is literally different in terms of its consequences when the attack aims to destabilize the information system for example. This is the same when the goal is to simply steal data, which is a common activity among cyber criminals. "For example, data from a complete profile (i.e. bank data, social media accounts, e-commerce sites, etc.) haggle for about €1100 on the darkweb. stresses the expert.

In practice, hackers are distinguished into two main categories. They are associated with the phrase hacker. We are talking about "white hats" and "black hats" hackers. Clearly, the first are the good guys. The latter are the bad guys. We often talk about an ethical hacker and a malicious hacker. Ethical hackers are people who help companies uncover security vulnerabilities and see how closed they are. As for the others it is the classic cyber criminals. Régis Le Guennec notes: "White hats, or white hats, are ethical hackers whose intentions are not malicious. They are the ones who check companies' waterproofing of intrusions and potential vulnerabilities. On the other side, we find the "black hats" or black hats. Unlike ethical hackers, black hats are cybercriminals driven by the urge to harm or mercenaries who are hired to attack STATES and companies of the CAC40." He later added: "Between these two categories of hackers, we find the grey hats, which have no bad intentions but which sometimes act illegally to reach their end, as is the case of activists, or hacktivists, like anonymous. ».

Now access an unlimited number of passwords: