Cybercrime is on the rise and South African C-suites would do well to ensure that they have up-to-date and appropriately resourced strategies to deal with its threat. The pandemic showed us that while land and sea borders can be shut, in the digital village this is not possible, and more importantly, in many instances, it is unclear where these attacks originate.
The definition of cybercrime perhaps holds the key to who should take it seriously. Cybercrime is defined as criminal activities that are carried out by means of a computer or the internet. Anyone who uses a computer that is connected to the internet should have a cybercrime strategy in place. No matter where you are in the world, if you let your guard down you are at risk. Everyone needs to be responsible for keeping data safe.
Ageing infrastructure and reduced budgets in South Africa and the rest of the continent make these shores rich hunting grounds for unscrupulous networks of cybercriminals.
These reduced budgets, compounded by economic shocks caused by the pandemic, have in many instances in our experience made it more difficult for Chief Information Security Officers (CISOs) and Information Security managers to fully implement their strategies, leaving weak points in their defence.
However, despite this and the increase in sophisticated cyberattacks, the Veeam Data Protection Report 2021 shows that the top global challenge facing organizations is economic uncertainty, surpassing cyber threats which was the top threat last year. Similarly, the top challenges anticipated by African organizations in the next 12 months is industry disruption (35%), economic uncertainty (32%) and meeting changing customer needs (32%). The threat landscape is continuing to evolve and prioritising a solid cybercrime strategy can never be overemphasised.
One of the fastest-growing trends is phishing emails, where the user is tricked into clicking on a link to a fake login page that shares credentials with the attacker. The problem with these attacks is that the culprits are becoming very good at making the emails appear authentic and as if they come from a legitimate source.
Another growing trend we encounter is ransomware, where a business’s critical data is encrypted and rendered unusable until a ransom is paid, which is when an encryption key is provided. In many cases ransomware attacks are very well coordinated and some target specific entry points using phishing.
To bring this point home, City Power in Johannesburg suffered a high-profile attack with a ransomware virus that impacted most of its IT systems. The ransomware affected their primary website, which is used by citizens to log complaints and purchase prepaid electricity.
It’s not as if these two trends are not well-known, yet the sophistication of these attacks often surprises companies. We have encountered instances where the attackers find security flaws and exploits in perimeter hardware and software before the vendor is even aware or has rolled out global patches or updates.
By Ian Engelbrecht, Africa Lead, Systems Engineer at Veeam on IT News Africa
Image Source: Red Level Group