SA's cyber threats to grow in 2018
The year 2017 was characterised by four main cyber crime trends: massive malware attacks; attacks against crypto-currency exchanges, major data breaches, and widespread use of hacking tools.
This is according to Neil Cosser, identity and data protection manager for Africa at Gemalto, who says that the four main cyber crime trends which gained traction last year were all centred on the key issue of data security, and these trends are expected to continue into 2018, with new threats coming into the foreground.
"South Africa's formal business sector and much of society are already highly dependent on digital platforms, with a strong emphasis on mobile technology, as is common in developing economies.
"There were a number of high-profile cyber crime incidents locally in 2017, and while the proposed cyber crimes and cyber security legislation will go some way towards providing a framework for combating crime, it is not necessarily perfect. In the digital sphere, law is on the back foot - we must all take responsibility for cyber security because it affects all of us."
Nothing, adds Cosser, underlines SA's integration into the global economy more than the country's increasing vulnerability to the growing incidence of cyber crime.
Gemalto says that perhaps the most high-profile of these cyber crimes was the outbreak of massive malware attacks, particularly involving ransomware.
"The WannaCry ransomware attack affected at least 200 000 organisations globally, while others included NotPetya and Bad Rabbit. Major data breaches were a second feature of cyber crime in 2017. LinkedIn, Dropbox and Yahoo were global victims; locally, the personal records of around half the South African population were found on the Dark Web thanks to a hack of the Deeds Office and, in September, the South African branch of Web hosting company Hetzner was hacked, compromising client data," explains Cosser.
The third trend in 2017 was the widespread use of hacking tools by both law-enforcement agencies and criminals, he continues.
Security company McAfee says these tools, and people to operate them, are increasingly available, and professional hackers are expected to continue to push the boundaries of innovation in the coming year.
The fourth trend is attacks against crypto-currency exchanges, driven by the huge leap in the value of Bitcoin and others. Gemalto predicts that these trends will continue into 2018 and will help set the cyber security agenda.
"In 2018, businesses are not the only ones at risk. The digitisation of society and life is an ongoing and apparently unstoppable trend. As more of our personal environment is connected, so it becomes vulnerable. Personal information stored in smart devices is one attraction for criminals, but it's not too far-fetched to imagine a scenario in which a smart appliance is held to ransom," concludes Cosser.
Security firm, Trend Micro says if 2017 is remembered for anything in the cyber sphere, it is remembered as the year of malware, with a few high-profile breaches and ransomware campaigns such as WannaCry and NotPetya.
The security firm points out that ransomware is evolving and is being deployed with more regularity: "What we are learning from these attacks is that it is vital to patch any known vulnerabilities the moment a fix is available. At the same time, it's important that we understand how security can be undermined and to research the exploits that are available for popular software," advises Anvee Alderton, channel manager for Trend Micro Southern Africa.
Cyber security firm FireEye, says the shortage of skilled workers, an increase in cloud adoption as well as the Internet of things are some of the challenges that await the cyber security industry in 2018.