Cybernews: raising awareness to prevent cyberattacks
Following the launch of the Cyber Risk Clinic last May, we’re giving the floor to several cyber experts who are active in this new structure.
In this series of “cyber news”, they decipher for you the issues linked to these particular risks, and share concrete cases of cyber-attacks encountered in their professional practice. For the second episode in our series on cyber risks, we put 3 questions to Bertrand Fournier, CEO of Silicom Group SA, partner of the Cyber Risk Clinic. Employee training is the last line of defence when technology has failed to stop certain attacks.
Is there a specific type of customer who calls on your services for cyber security issues?
The customers who call on our services are, unfortunately and all too often, those who have already been affected by an attack.
They range from small companies with 2 employees to companies with several dozen employees, who already have specific training needs.
In short, it’s fair to say that everyone is affected by the issue, but it still seems a long way from being the kind of concrete priority that COVID and rising energy costs, in particular, have been.
Companies are not yet sufficiently aware of the value that stored data can have when cross-referenced with other sources.
What are the latest attacks and what is their financial impact?
The two types of attack for which we currently help and support the most customers are:
- Phishing: a method designed to steal login information and embezzle money by pretending to be an organization, customer or supplier you know.
- System encryption by malicious software (malware): an attack that encrypts files on computers, then demands a ransom in exchange for the decryption key.
In the first case, the financial consequences can range from the simple embezzlement of funds by bank transfer to the implementation of more complex systems, linked to the so-called “man-in-the-middle” technique, which in some cases has enabled the embezzlement of several tens of thousands of francs, as demonstrated in the case study below.
How can we prevent these cyberattacks?
The most important thing is to avoid the “onset” of the attack, by keeping your systems up to date and protecting your network and data with all the best practices available.
These can range from technical solutions that eliminate the most common fraudulent behaviors, to more complex systems of attack detection and 24/7 active monitoring. The last of the defenses that can benefit the user is training.
That’s why Silicom Academy invests a great deal of time in building staff awareness courses, making them the last line of defence when technology fails to stop certain attacks.
Cyber attack case study
A company spied on by a hacker for months at a cost of CHF 60,000.
A hacker managed to break into the systems of a company with around 30 employees, operating in Switzerland and internationally with European suppliers, which did not use two-factor authentication.
He hacked into and observed Outlook e-mail exchanges over a period of 3 months.
Incoming and outgoing e-mails were intercepted by being diverted into a sub-folder, then rewritten to give the correspondents confidence.
Here’s a diagram of the attack below.
After months of work and observation, the hacker intercepted an invoice issued by a well-known Spanish supplier, using the pretext of an IBAN change to a new Swiss account at UBS.
The payment, amounting to over CHF 60,000, was validated by the company’s fiduciary services and by two other persons authorized to validate and make payments internally.
The money was transferred by the company to an account that was closed immediately after the transaction, resulting in a loss of CHF 60,000 with no cyber insurance cover.
Following this, the customer lodged a complaint, which unfortunately had no impact other than to feed the statistics and protect those who had no insurance.
What could have been done to avoid these dramatic developments?
- The implementation of two-factor authentication;
- Geofencing for bank account connection;
- A call back before payment of the invoice with the supplier;
- Raising employee awareness would have aroused suspicion and certainly led to a call-back with the customer.
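The "call back before payment" control from the list above, as an added example in Python (not material from the article, Silicom Group or the Cyber Risk Clinic): a payment-release gate that checks the invoice IBAN's mod-97 checksum and compares it with the vetted vendor master record, holding payment for an out-of-band call-back whenever the account changes, and flagging separately when the new IBAN's country differs from the supplier's seat, as in the Spanish-supplier-to-Swiss-account change in the case study. The supplier record and both IBANs are constructed sample values built from publicly cited example IBANs, not the accounts involved in the case.

```python
"""Payment-release gate implementing the "call back before payment" control.
Added example, not code from the article or from Silicom Group. The supplier
and IBAN values below are constructed from publicly cited example IBANs."""
from dataclasses import dataclass
import re

@dataclass(frozen=True)
class Supplier:
    name: str
    country: str       # ISO 3166-1 alpha-2 code of the supplier's registered seat
    iban_on_file: str  # IBAN from the vetted vendor master record

def normalize_iban(iban: str) -> str:
    """Strip whitespace and upper-case, so printed and pasted forms compare equal."""
    return re.sub(r"\s+", "", iban).upper()

def iban_checksum_ok(iban: str) -> bool:
    """ISO 13616 mod-97 check: move the first four characters to the end,
    map letters to 10..35, and the resulting integer must be 1 mod 97."""
    s = normalize_iban(iban)
    if not re.fullmatch(r"[A-Z]{2}\d{2}[A-Z0-9]{11,30}", s):
        return False
    rearranged = s[4:] + s[:4]
    digits = "".join(str(int(ch, 36)) for ch in rearranged)
    return int(digits) % 97 == 1

def check_invoice(supplier: Supplier, invoice_iban: str) -> list[str]:
    """Return the reasons an invoice must be held for an out-of-band call-back
    to a known-good supplier phone number. An empty list means the IBAN matches
    the vetted record and payment may be released."""
    new = normalize_iban(invoice_iban)
    if not iban_checksum_ok(new):
        return ["IBAN fails mod-97 checksum (typo or fabricated account)"]
    if new == normalize_iban(supplier.iban_on_file):
        return []
    holds = ["IBAN differs from the vendor master record"]
    if new[:2] != supplier.country:
        holds.append(f"new IBAN country {new[:2]} differs from supplier seat {supplier.country}")
    return holds

if __name__ == "__main__":
    # Constructed sample: Spanish supplier on file, invoice suddenly quoting a Swiss IBAN.
    acme = Supplier("Constructed Spanish supplier", "ES", "ES91 2100 0418 4502 0005 1332")
    for label, iban in [("original", "ES91 2100 0418 4502 0005 1332"),
                        ("changed", "CH93 0076 2011 6238 5295 7")]:
        holds = check_invoice(acme, iban)
        print(label, "-> RELEASE" if not holds else "-> HOLD: " + "; ".join(holds))
```

The gate only decides whether payment may proceed; the call-back itself must go to a phone number already on file, never to one printed on the suspicious invoice or e-mail.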
Silicom Group is a partner of the Cyber Risk Clinic in the training and crisis management package. We are delighted to have Silicom Group as a partner of the Cyber Risk Clinic. Specialized in raising awareness among users of all types (executives, employees), their approach is geared towards “positive”, non-anxiety-inducing training, enabling employees to make the right decision with confidence, using the skills acquired during their internships or workshops. As a reminder, the Cyber Risk Clinic’s “Training” package is made up of several sections:
- Access to e-learning content for self-paced learning;
- Organize workshops, seminars or courses in small groups for all your employees to encourage interaction and question-and-answer sessions.
The following concepts, among others, are covered:
- Stakes, risks, costs, concrete examples;
- Risk assessment;
- Governance information;
- Business continuity;
- Safety policy and charter;
- Identification, prevention and crisis management scenarios.
More information
- Discover all Cyber Risk Clinic packages
- A look back at the launch of the Cyber Risk Clinic
- Cyber Risk Clinic website

Edit: Since 2024, Cyber Risk Clinic services have been integrated into Loyco’s services. See Cyber Risk Services.
Your contact
Lionel Ducommun: lducommun@loyco.ch / +41 78 805 16 13