Expect a cyber attack in 2020
A specialist IT security service provider has warned of increased and sophisticated cyber attack campaigns targeting businesses in SA this year.
Simeon Tassev, MD at Galix, says expecting attacks ensures that businesses are more prepared and have adequate controls in place to detect them and stop them before they can cause major damage.
“Many businesses are seen as soft targets because they have vulnerabilities in their security systems. We can expect that the trend of accelerating attacks that are increasing in sophistication will continue in 2020,” he says.
Tassev notes 2019 proved to be a highly lucrative year for the cyber crime industry, with businesses rather than individuals being the main targets. He expect similar trends this year. “This is because businesses have large repositories of data and, in many instances, the means to pay the ransom demanded, so they are more likely to yield profits.”
According to Kaspersky Lab, there were an estimated 13 842 attempted cyber attacks every day in the first quarter of 2019 alone, which represents an increase of 22% over 2018. Hundreds of attacks are perpetrated every hour, and there were several high-profile successes.
One of the most publicised was the DDOS attack against the City of Johannesburg in October, which shut down online services. This was the second successful attack on the municipality in a matter of months. In July, Johannesburg City Power was hit by a ransomware attack that left many residents without electricity for several days. Internet service providers Afrihost, Axxess and Webafrica were also the victims of DDOS attacks in October, which affected end-user connectivity, network performance and hosting environments.
According to Tassev, all of SA’s big five banks also experienced disruptions in their service resulting from attempted cyber attacks.
“While the impact of attacks vary depending on the business and the attack itself, the reality is that it has become a question of ‘when’ a business will be attacked, not ‘if’. A swift response can help to minimise the impact of an attack, and the longer it takes, the more damage is done and revenue is lost,” he says.
Tassev notes it is imperative for businesses to understand how long it will take them to recover from a backup, the financial impact of this and what the best approach is to handle an attack.
“While some businesses decide that paying the ransom may be the less disruptive option, this is not typically advisable because it means a business will likely be the target of repeated attacks in future. Aside from the financial implications of recovering data, there are other impacts to consider, such as loss of customer trust.”
He says basic cyber security is critical so businesses don’t leave themselves “wide open”. Simply having systems in place to notify a company of an attack is not sufficient if there’s nothing that will be done to stop it.
“In the case of cyber crime, fortune will favour the prepared. The more difficult your organisation is to breach, the less likely you will be to experience successful and repeated attacks,” he concludes.