Computer cyber attacks are new wars. More discreet and noiseless, they can, among other things, cause significant damage to company computer systems and large state networks. Cyber attacks cost $600 billion worldwide in 2017. These attacks, which increased by 35% in 2017, can occur through simple maneuvers. In the majority of cases, these attacks are carried out by sending viruses via e-mails or via USB keys.
The losses caused by these attacks around the world only further reinforce the awareness of the importance of cyber security and cyber law internationally. Cyber attacks have caused colossal losses even for developing countries. According to a study published by McAfee and CSIS in February 2018, they caused sub-Saharan countries to lose 3 billion dollars per year, or 0.2% of GDP. As for the countries of the Middle East and North Africa, they lose 5 billions of dollars each year. While the consequences of some cyber attacks are publicized, others are not.
These attacks affect all areas and all technologies, including the Internet of Things (IoT). The number of IoT attacks recorded in 2017 is alarming, these attacks increased by 280% in the first quarter of 2017 compared to that of 2016 (Revue Capital February 2018).
Even if these attacks are often voluntary and cause colossal losses, defense mechanisms exist to counter them. The solutions envisaged upstream are at the level of research on malicious software or the adoption, by legislative and regulatory means, of texts relating to cyber security.
As for downstream solutions, they generally revolve around the installation of firewalls or anti-viruses. These downstream solutions also involve the distribution of user charters, the development of user education programs and awareness-raising actions, in particular on the importance of back-ups. It should also be noted that artificial intelligence is increasingly used to improve the detection of cyber-attacks.
This also involves taking into account some essential precautions that we will explain to you below:
1- Attention, email is the most used means for cyber attacks:
Computer and smartphone users should avoid opening files from anonymous and unknown addresses. Email is one of the most common ways to carry out computer attacks. It remains the cheapest way for hackers who use it in more than 90% of cases. The first cyber attack recorded by viruses via e-mails, on a large scale, targeted Estonia in April 2007. Several sensitive platforms in this country were affected for several days. At a time when this country had adopted a paperless organization, fully computerized and where all information systems were linked by the Internet. Consequence: the whole country was paralyzed for several days, including the banks. In case of attack,
2- Be careful, the USB key is also one of the ways to spread a virus:
Computer attacks can be carried out by introducing viruses into USB keys, as was the case in 2010 in Iran. A virus has infiltrated Iran’s nuclear program in order to take control of nuclear centrifuges. Unlike the case of Estonia, where the attack came via emails, this virus called “Stuxnet”, was transmitted to Iranian nuclear centrifuges via USB keys offered to researchers close to the Iranian nuclear program during scientific meetings outside nuclear complexes. It should be noted that the computer network of the plant was not connected to the outside world. Given the complexity of the operation, computer experts have estimated the amount spent on the design of this virus concealable in a USB key and two years of work at 20 million dollars. Alerted in time, Iranian computer scientists were able to avoid damage to their nuclear centrifuges which were in the middle of the Iranian desert. So if you want to connect an unknown USB key, it is very important and as a precaution to deactivate the “AutoRun” function beforehand or to use cleaning software such as “USBfix”.
3- Avoid downloading dubious applications:
The operating system most affected by viruses according to the report of the French club of computer scientists would be that of Google’s Android. Often these viruses also reach smartphones via applications downloaded from App Store or Google Play. The advice we give and to limit the damage, is to avoid downloading applications through unrecognized sites.
4- Beware of WIFI connections offered in public places:
It is important to avoid connecting computers or smartphones to WIFI spaces in free public places without or with a password. If you are forced to do so in an emergency, you should not consult your bank accounts and avoid exchanging confidential data. Note that recently hackers have been able to intercept even secure WIFI exchanges. Updates of the various protocols are in progress.
5- Choose passwords that are difficult to dissect:
It is very important when choosing a password to combine numbers, letters and punctuation. Hackers with high-performance software to quickly test easy passwords, consisting only of numbers or letters of the user’s first and last name. Also, it is very important to avoid ticking the “stay connected” boxes in public WIFI areas or in cyber cafés.
6- save in order to face cyber attacks:
Attacks are on the rise. They attack individuals, companies or others. Even the PTT Maroc company website was attacked through a file attached to an email in 2016. To decrypt the content, the hackers demanded payment of five hundred dollars. But the rule is never to give in to hackers. Admittedly, the hackers initially ask for little money to decrypt your data, but then they blackmail you with large sums. And the most effective method is to back up offline periodically.
7- It is essential to update computer and smartphone software:
Often viruses are easily distributed on older versions of operating systems like Windows for example. So it is necessary to install updates of the software offered as soon as possible.
8- plan a budget for cyber security:
In most cases, awareness of IT security within companies is lacking. Even when it exists, a small budget is allocated to it, around 2% of the amount devoted to IT management. While this budget must be rather around 10% to have good computer hygiene! The cybersecurity budget increased by 8% in 2017 according to a study by Gartner. As an illustration of the importance of antivirus, over two billion cyberattacks were eliminated by antivirus in 2017 according to Kaspersky. Note in passing that computer attacks spare no machine and no operating system.
9- The human resource factor is important in the prevention against cyber attacks:
It is necessary to take the time necessary to educate the employees of the company, from the small employee to the CEO, in order to introduce them to the principles of computer security. Everyone in the company must be aware of the seriousness of cyber attacks and apply the safeguards mentioned above, such as paying attention to suspicious emails received and not opening suspicious attachments. At the Pentagon (USA) to eliminate the risk of computer attacks, they have created a zero-defect culture similar to that which exists in nuclear submarine boats. For example, to reduce human errors, the Pentagon has implemented six principles: mastery of any subject to be dealt with, strict application of procedures, teamwork at least one pair