Who am I? A white man, almost 30. I wear hoodies and hack websites belonging to prestigious organizations like the CIA from my parents’ basement. Above all, I am thick-skinned. Have you guessed? I am, of course, a stereotypical hacker!
Movies and TV series continue to propagate this false and dated image. But due to changes in the internet, practices and infrastructures supported by the network, the threats we are facing are no longer the same as those in the late 20th century. The means used to attack organizations continue to grow, progressively revealing the absurdity of the stereotypical isolated attacker motivated by dark intentions rather than profit.
This series of articles aims to highlight a few iconic examples of the new cybersecurity challenges, and at the top of the list is: protecting the Internet of Things. Sensors are becoming increasingly prevalent in home automation, sports and fashion, and with them come new threats for potential attacks. Jean-Max Dutertre, a researcher at Mines Saint-Étienne, describes the risks these connected objects present and the solutions being implemented. In a second article, Jean-Luc Danger, researcher at Télécom ParisTech, expands on the list of solutions to these new threats.
“New challenges” does not only refer to new sectors or new systems in need of protection. With the growth of digital solutions in traditional fields, cybersecurity must also be developed in areas where it has long been considered of secondary importance. This is the work of Yvon Kermarrec at IMT Atlantique. As a member of the Research Chair for the Cyberdefense of Naval Systems, he explains why ships, and the entire marine sector, must tackle this issue head on.
The same is true for telephony, a sector which has long been affected by crime, but has benefited from relative indifference in terms of large-scale fraud. Impersonation to extort money, call forwarding schemes and telemarketing abuses are widespread. Aurélien Francillon, a researcher at Eurecom, is seeking first of all to better understand the organization of the participants and the structural causes of fraud. His findings are proving useful in the search for defense strategies.
Thanks to all the research efforts in the area of cybersecurity, the power relationship between attackers and defenders has become more balanced than it was a few years or decades ago. Organizations are increasingly well prepared and able to respond to cyber-attacks. In conclusion, Frédéric Cuppens (IMT Atlantique) and Hervé Debar (Télécom SudParis), both members of the Cybersecurity and Critical Infrastructures Chair at IMT, take a look at this topic. They review the latest technical solutions and strategic approaches that offer protection from even the most insidious threats.
Since the topic of cybersecurity is so vast and complex, this series of articles—like all of our I’MTech articles—does not attempt to be exhaustive. To further explore this topic, we recommend this list of articles from our archives: