Local ISPs warn of rising ransomware attacks

Staff Writer
By Staff Writer, ITWeb
Johannesburg, 22 Feb 2023

The Internet Service Providers’ Association (ISPA) is urging companies to buttress ransomware defences, as organised cyber criminals are increasingly targeting local firms.

The industry body says businesses need to build robust cyber resilience strategies and routinely evaluate disaster recovery procedures.

The organisation’s warning comes as attacks are proliferating and becoming increasingly sophisticated, say experts.

According to ISPA, with the average cost of remediating a ransomware attack in SA estimated last year by cyber security firm Sophos to be R6.4 million, “there are significant financial and legal risks to exposure to the online realm”.

“Cyber crime disrupts more than business operations; it exposes organisations to reputational and regulatory risk,” says ISPA chairperson Sasha Booth-Beharilal.

“Not only are ransomware attacks becoming more frequent, but developments overseas are suggesting that policing agencies globally are not considering the payment of ransom as a mitigating factor when considering enforcement actions. This, again, underscores the importance of a proactive approach to cyber security.”

In addition, ISPA says legislative imperatives should not be overlooked when it comes to cyber security.

“In terms of the Protection of Personal Information Act 4 of 2013 (POPIA), businesses are required to mitigate risk relating to the processing and storing of personal information. POPIA specifically requires organisations to implement reasonable technical and organisational measures in this regard.

“ISPA also advises of the importance of regular training and organisation-wide awareness initiatives aimed at sensitising employees, business partners and others to the fact that the human element is often the weakest cyber security link.

“Phishing via phone and e-mail remains a particular concern in the context of ransomware.”

Attacks on local companies are increasing, with ISP RSAWeb the most recent victim to be hit by a ransomware cyber attack.

RSAWeb battled for a week to restore full services, after the security breach prompted it to shut down all its systems, resulting in the company’s entire network − including its fibre, mobile, hosting, VOIP and PBX services − going offline.