Insurances - Loyco - Risk management | published by Loyco | 28.09.2022
Cyber News

Cybernews: raising awareness to prevent cyberattacks

Following the launch of the Cyber Risk Clinic last May, we give the floor to a number of cyber experts who are active in this new structure. In this “cyber news” series, they decipher for you the issues linked to these particular risks, and share concrete cases of cyber-attacks encountered in their professional practice.

For the second episode in our series on cyber risks, we put 3 questions to Bertrand Fournier, CEO of Silicom Group SA, partner of the Cyber Risk Clinic.

Employee training is the last line of defence when technology has failed to stop certain attacks.

Is there a specific type of customer who calls on your services for cyber security issues?

The customers who call on our services are, unfortunately and all too often, those who have already been affected by an attack. These range from small companies with 2 employees to companies with several dozen employees, who already have specific training needs. To sum up, it’s fair to say that everyone is affected by this issue, but it still seems a long way from the concrete priorities such as COVID or rising energy costs.
Companies are not yet sufficiently aware of the value that stored data can have when cross-referenced with other sources.

What are the latest attacks and what is their financial impact?

The two types of attack for which we currently help and support the most customers are:

  1. Phishing: a method designed to steal login information and embezzle money by pretending to be an organization, customer or supplier you know.
  2. System encryption by malicious software (malware): an attack that encrypts files on computers, then demands a ransom in exchange for the decryption key.

In the first case, the financial consequences can range from the simple embezzlement of funds by bank transfer to the implementation of more complex systems, linked to the so-called “man-in-the-middle” technique, which in some cases has enabled the embezzlement of several tens of thousands of francs, as demonstrated in the case study below.

How can we prevent these cyberattacks?

The most important thing is to avoid the “onset” of the attack by keeping your systems up to date, and protecting your network and data with all the best practices available. These can range from technical solutions, which eliminate the most common fraudulent behaviors, to more complex systems of attack detection and 24/7 active monitoring. The last of the defenses that can benefit the user is training. That’s why Silicom Academy invests a lot of time in building staff awareness courses to make them the last line of defence when technology has failed to stop certain attacks.


Cyber attack case study

A company spied on by a hacker for months at a cost of CHF 60,000.

A hacker managed to break into the systems of a company with around 30 employees, operating in Switzerland and internationally with European suppliers, which did not use two-factor authentication. He gained access to and observed Outlook e-mail exchanges for at least 3 months. Incoming and outgoing e-mails were intercepted by being routed through a sub-folder, then rewritten to build confidence. Here’s a diagram of the attack.

After months of work and observation, the hacker intercepted an invoice issued by a well-known Spanish supplier, and used a change of IBAN to a new Swiss account at UBS as a pretext. The payment, amounting to more than CHF 60,000, was validated by the company’s fiduciary department and by two other persons authorized to validate and make payments internally.

The money was transferred by the company to an account that was closed immediately after the transaction, leaving a loss of CHF 60,000 with no cyber coverage. The customer then lodged a complaint, which unfortunately had no effect other than to feed the statistics and protect those who didn’t have insurance.

Case study: cyber attack, changing management rules

What could have been done to avoid these dramatic developments?

  • The implementation of two-factor authentication;
  • Geofencing for bank account connection;
  • A call back before payment of the invoice with the supplier;
  • Raising employee awareness would have aroused suspicion and certainly led to a call-back with the customer.
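The two mechanisms in this case (a mailbox rule that silently parks correspondence in a sub-folder, and an invoice carrying a changed IBAN) are both things a defender can check for programmatically. The script below is an added example written for this page, not code from Silicom Group or Loyco: it audits a small set of constructed inbox rules for signs of interception, and gates a supplier payment behind master-data comparison and an out-of-band callback whenever the IBAN on the invoice differs from the one on record. The rule format, the company domain `example.ch`, the supplier name, the phone number and the Swiss IBAN `CH68 1234 5678 9012 3456 7` are all constructed placeholders; the Spanish IBAN is the standard documentation example.

```python
"""
Defender-side checks matching the case study: flag mailbox rules that hide or
divert mail, and hold supplier payments whose IBAN differs from master data.
Constructed example; the rule format and sample data are this example's own,
not any vendor's audit-log schema.
"""
import re
from dataclasses import dataclass

INTERNAL_DOMAIN = "example.ch"   # assumed: the company's own mail domain
# Condition keywords that suggest a rule is hunting for payment traffic.
PAYMENT_WORDS = re.compile(r"\b(invoice|facture|payment|iban|bank|account)\b", re.I)


@dataclass
class InboxRule:
    mailbox: str
    name: str
    subject_contains: tuple   # condition: keywords matched in the subject
    move_to: str              # action: target folder ("" = none)
    forward_to: str           # action: forwarding address ("" = none)
    mark_read: bool = False
    delete: bool = False


def rule_findings(rule: InboxRule) -> list:
    """Return the reasons a rule looks like interception; [] if it looks benign."""
    reasons = []
    if rule.move_to.strip().lower() not in ("", "inbox"):
        reasons.append(f"moves mail out of the Inbox to '{rule.move_to}'")
    if rule.mark_read:
        reasons.append("marks mail as read before the user sees it")
    if rule.delete:
        reasons.append("deletes mail")
    if rule.forward_to and not rule.forward_to.lower().endswith("@" + INTERNAL_DOMAIN):
        reasons.append(f"forwards to external address {rule.forward_to}")
    if any(PAYMENT_WORDS.search(k) for k in rule.subject_contains):
        reasons.append("targets payment-related subjects: " + ", ".join(rule.subject_contains))
    # A plain move rule with no other signal is ordinary user tidying: no alert.
    if len(reasons) == 1 and reasons[0].startswith("moves mail"):
        return []
    return reasons


SAMPLE_RULES = [  # constructed: one benign rule, two resembling the case study
    InboxRule("cfo@example.ch", "Newsletter", ("newsletter",), "Inbox/Reading", ""),
    InboxRule("accounting@example.ch", ".", ("invoice", "IBAN"), "Inbox/RSS Feeds", "", mark_read=True),
    InboxRule("accounting@example.ch", "backup", (), "", "collector@mail.example.net"),
]


def audit(rules=SAMPLE_RULES) -> dict:
    """Map (mailbox, rule name) -> findings for every rule that raised one."""
    return {(r.mailbox, r.name): f for r in rules if (f := rule_findings(r))}


def iban_is_valid(iban: str) -> bool:
    """ISO 13616 mod-97 check; accepts an IBAN with or without spaces."""
    s = iban.replace(" ", "").upper()
    if not re.fullmatch(r"[A-Z]{2}\d{2}[A-Z0-9]{11,30}", s):
        return False
    rearranged = s[4:] + s[:4]                       # country code + check digits go last
    digits = "".join(str(int(c, 36)) for c in rearranged)  # A=10 ... Z=35
    return int(digits) % 97 == 1


SUPPLIER_MASTER = {  # constructed master data: IBAN of record and a phone number on file
    "Proveedor Ejemplo SL": {"iban": "ES91 2100 0418 4502 0005 1332", "phone": "+34 900 000 000"},
}


def payment_decision(supplier: str, invoice_iban: str) -> dict:
    """PAY only when the invoice IBAN equals master data; otherwise HOLD for a callback."""
    record = SUPPLIER_MASTER.get(supplier)
    if record is None:
        return {"status": "HOLD", "reason": "unknown supplier: onboard via master data first"}
    if not iban_is_valid(invoice_iban):
        return {"status": "REJECT", "reason": "IBAN fails mod-97 check"}
    new, old = invoice_iban.replace(" ", "").upper(), record["iban"].replace(" ", "").upper()
    if new == old:
        return {"status": "PAY", "reason": "IBAN matches master data"}
    country_note = f" (country changed {old[:2]} -> {new[:2]})" if old[:2] != new[:2] else ""
    return {"status": "HOLD",
            "reason": f"IBAN differs from master data{country_note}; call the supplier on the "
                      f"number on file ({record['phone']}), never on a number taken from the e-mail"}


if __name__ == "__main__":
    for key, reasons in audit().items():
        print(key, reasons)
    print(payment_decision("Proveedor Ejemplo SL", "CH68 1234 5678 9012 3456 7"))
```

Running the script flags the rule that moves invoice mail into a sub-folder and marks it read, and the rule forwarding to an external domain, while the plain newsletter rule passes; the Swiss IBAN on the "invoice" is structurally valid yet lands on HOLD, which is exactly the point: a correct check digit says nothing about who owns the account, so the decision must come from a callback to a number held in master data.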


Silicom Group is a partner of the Cyber Risk Clinic, active in training and crisis management.

We are delighted to have Silicom Group as a partner in the Cyber Risk Clinic. Specialized in raising awareness among users of all types (executives, employees), their approach is geared towards “positive”, non-anxiety-inducing training, enabling employees to make the right decision with confidence, using the skills acquired during their training courses or workshops.

As a reminder, the Cyber Risk Clinic’s “Training” package is made up of several sections:

  • Access to e-learning content for self-paced learning;
  • Workshops, seminars or courses in small groups for all your employees, to encourage interaction and question-and-answer sessions.

The following concepts, among others, are covered:

  • Stakes, risks, costs, concrete examples;
  • Risk assessment;
  • Information governance;
  • Business continuity;
  • Security policy and charter;
  • Identification, prevention and crisis management scenarios.


More information

– Discover all Cyber Risk Clinic packages
– A look back at the launch of the Cyber Risk Clinic
– Cyber Risk Clinic website


Your contact

Lionel Ducommun: lducommun@loyco.ch / +41 78 805 16 13