• Home
  • /
  • Malware
  • /
  • Cyber criminals take advantage of COVID-19

Cyber criminals take advantage of COVID-19

Insurance, finance and retail are the most at threat from cyber crime in SA because of COVID-19.

Johannesburg, 21 Jul 2020

Cyber attacks can bring a business to its knees, taking weeks if not years to recover. The key, according to NTT’s 2020 Global Threat Intelligence Report, is to move beyond traditional measures like protection, detection and response. Instead, organisations need to be cyber resilient and secure by design.

This has been compounded by the impact of COVID-19, where phishing attacks began leveraging the virus as early as January 2020, before it was even declared a pandemic. Fake Web sites masquerading as official sources of information were created at rates exceeding 2 000 sites per day, many of them specifically targeting the healthcare organisations that were trying to help people through this global emergency.

Matthew Gyde, President and CEO of the Security division, NTT, says: “The current global crisis has shown us that cyber criminals will always take advantage of any situation and organisations must be ready for anything. We are already seeing an increased number of ransomware attacks on healthcare organisations and we expect this to get worse before it gets better. Now more than ever, it’s critical to pay attention to the security that enables your business; making sure you are cyber resilient and maximising the effectiveness of secure by design initiatives.

“COVID-19 has been a stark illustration to many businesses how cunning cyber attackers will use any entry point they can to exploit a vulnerability,” says Tony Walt, Managing Executive: Dimension Data Security. “But it has also opened up new structural and operational risks: as more businesses embrace working from home, they are relying even more on technology to collaborate and access remote networks. They are also relying more on Web applications like customer portals and retail sites as they shift their channel strategies from face-to-face to online. These are the kinds of changes that increase an organisation’s vulnerability to cyber attacks.”

In the Europe, Middle East and Africa (EMEA) regions, the report shows that reconnaissance activity, where an intruder secretly gathers information about systems for a future attack, was the most common threat (40% of all hostile attacks), except for Norway and South Africa, where Web-application attacks (66% for South Africa) and application-specific attacks (27% for South Africa) were most common. Several countries included multiple content management systems (CMSes) in their list of commonly attacked technologies. In South Africa, specifically Joomla and Drupal, were the most targeted. The industries most targeted in South Africa were insurance (50%), finance (44%) and retail (3%).

“Businesses can no longer just respond to a security event, they need to be able to anticipate and prevent it in all aspects of their operations, including technology, people and controls,” says Walt. “This is what cyber resilience is all about. Rather than viewing cyber security as solely a protective layer over a business’s operations, secure by design means including security as a key and conscious deciding factor in the design of any end-to-end business solution and having the intelligence to help the business identify the threat earlier to respond, recover and return to business as usual much more quickly,” says Walt.

Other highlights of the NTT 2020 GTIR:

Attackers are becoming more innovative, using artificial intelligence, machine learning and investing in automation of attacks.

Attackers are weaponising Internet of things (IOT) devices. Botnets such as Mirai, IoTroop and Echobot have advanced in automation, improving their propagation capabilities. Mirai and IoTroop are known for spreading through IOT attacks.

Old vulnerabilities remain a target, with many attackers targeting organisations that have not patched their systems.