Phishing attacks cost SA $320m

Johannesburg, 23 Apr 2012
Read time 3min 30sec

South Africa accounts for 5% of global phishing attacks, with a value of $35.8 million, compared to the US, which accounts for 42%, or $320.2 million.

So says Stephan le Roux, district manager of RSA, the security division of EMC Southern Africa, who adds that, according to the 2011 FraudAction Research Lab, total fraud losses from phishing last year was $1.3 billion globally.

“It is becoming increasingly important for organisations to define security strategies and implement solutions to mitigate risk, ensure compliance and accelerate business objectives.”

To meet this demand, ITWeb and RSA Security have joined forces to conduct the Security Survey, which will determine the importance of information security to South African organisations; establish what inhibits and drives investment in IT security; what IT security activities are being outsourced; and what factors are important to organisations when choosing an IT security vendor, Le Roux explains.

The results of the survey will be published on ITWeb and presented at the 2012 ITWeb Security Summit.

“In SA, as in most countries, most phishing content targeted the public sector, followed by the SME business sector. The majority were targeted phishing attacks aimed at leveraging known brands in fake e-mails that attempt to fool e-mail recipients,” he says.

Le Roux also points out that the biggest security risks today are associated with the way most organisations think about security management and conduct security operations.

“Since 2010, there has been a constant drumbeat of high-profile, massive attacks against commercial enterprises and government organisations. This trend shows no sign of abating. When examining these attacks, it becomes clear that there are a number of different adversaries with different motives using different attack methods.

“The culprits are a new breed of cyber criminals, hacktivists and rogue nation states. With increased speed, agility and cunning, they're exploiting security gaps resulting from disparate, complex security technologies and outdated and unfocused security management processes that are slow to recognise the potency of emerging threats. The adversaries are better co-ordinated and have developed better cyber intelligence.”

As a result, he adds, traditional security operations and perimeter security defences, such as anti-virus software and intrusion detection systems, can no longer fully protect organisations.

“Fortunately, there are plenty of innovative practices and technologies enterprises can implement to bring the fight to the enemy.”

Explaining what is driving security breaches in many organisations, Le Roux says information security technology in many organisations is way past its expiration date, and the ongoing focus of security investments is flawed, too.

He also points out that most organisations spend the lion's share of their capital and operating budgets on preventative, signature-based security technologies, hoping they will be protected and will not be breached.

“The last few years have shown clearly that this approach is painfully defective in the face of advanced adversaries such as cyber criminal groups, hacktivists and nation-sponsored attackers. Fixing the flaws in information security requires a transformational commitment that creates a proper equilibrium between the right amount of preventative and control investments, and strong security operations designed to provide deep situational awareness and intelligence-driven threat management.”

Le Roux urges organisations to turn the tide on their vulnerability to advanced threats by transforming their security programs and moving towards 'intelligence-driven' security systems.

Intelligence-driven security systems must take an adversary-focused/risk-based approach to thinking about an organisation's material assets, he adds.

“Security systems must also be agile to cope with constant changes to the threat landscape and must be context-aware to provide critical answers to any question that might arise. Intelligence-driven security is key to lowering security risks in a world where compromise is inevitable, but losses can be effectively managed to an acceptable level.”

Click here to complete the survey.

See also