Protecting against threats

MODULE CONTENTS

This first introductory module presents an overview of the cyber threat, its context, its stakes and the importance of taking IT security into account for companies and organizations. It also aims to motivate employees to get involved in the subject.

PEDAGOGICAL OBJECTIVES

  • Introduce the subject of e-learning

  • Knowing the different types of computer attacks

  • Understand the motivations of hackers

  • Engaging employees

The digital world has evolved along with the changing threats.

Hackers are constantly adapting their techniques to achieve their goals. The hacker can work alone or in a team. Their motivations differ, such as data theft and identity theft, espionage, destabilization of a company or a country, or simply by personal challenge. For example, the famous "Anonymous" organize punitive operations against companies by attacking them through hacking sites or databases.

There are different types of attacks: mass attacks and targeted attacks.

Mass attacks do not care about the person being attacked. The principle is to take control of several poorly secured connected objects, such as computers but also surveillance cameras, to form a network of devices called a "botnet". This botnet will allow to send fraudulent mass emails to obtain information. This is the case of "phishing" or "ransomware" type attacks. They are inexpensive to carry out for an experienced hacker.

Targeted attacks are focused on an individual or a company. Hackers collect information carefully to penetrate their networks and find what they are looking for. These attacks take longer to execute. The consequences for the company can be catastrophic, such as theft of patents, money, damage to image or even paralysis.

To protect against these attacks, it is necessary to :

Today we are connected everywhere, at work, at home, in transport, abroad... We increasingly mix private and professional life, connecting to business services at home or connecting to personal services at work.

In order to be responsible and actors in cybersecurity we must :

Personal and sensitive data is very valuable to malicious minds. And even as companies are constantly upgrading their security levels, we each have a role to play in protecting them.