A 'phishy' start to SA's cyber year

Read time 2min 40sec
Maher Yamout, a senior security researcher for META at Kaspersky Lab.
Maher Yamout, a senior security researcher for META at Kaspersky Lab.

Kaspersky Lab's Cyber Security Weekend opened with a look at the global and local threat landscape. And the numbers are pretty scary.

In the first quarter of 2019, South Africa experienced just shy of one million phishing attacks. This amounts to a daily average of about 10 700. There were over 21 million malware attacks and more than 53 000 mobile malware attacks in SA in the first quarter of 2019.

"Many organisations still believe that attacks are straightforward. But in reality, the situation is very complex. Attackers can do a whole lot before the situation is actually classified as a cyber incident," explained Amin Hasbini, head of the global research and analysis team for META at Kaspersky Lab.

"If anything, these numbers show us that if we want to use technology everywhere and for everything, we have to protect it all. Even your smart coffee machine needs to be protected."

The Cyber Security Weekend took place at the Table Bay Hotel in Cape Town this week and brought together security experts and the media from Turkey, the Middle East and Africa.

"We know what you did last summer," Maher Yamout, a senior security researcher for the global research and analysis team for META at Kaspersky Lab, and Hasbini said as they began their presentation about advancements in cyber espionage.

ITWeb Security Summit 2019

Eight international keynote speakers are heading to SA to join the local experts and share insights with SA's cyber security community in Cape Town and Johannesburg. To find out more and to register, click here.

Focusing on the MuddyWater advanced persistent threat group, they detailed how these cyber criminals use different tools to blend in and trick cyber security experts.

"These attackers know how their efforts are detected and identified so they use false information to distract investigators and make them think certain things about the origin of the attack," noted Yamout.

For example, the hackers have been known to insert Russian phrases into their code as a red herring so that cyber security experts will assume the threat came from Russia. The pair estimates that a Middle Eastern telco that fell victim to a MuddyWater attack lost roughly $2.5 million in brand reputational damage, legal fees and incident response, among other things.

If you imagine the cyber threat landscape today as a pyramid, you could divide current risks into three distinct layers, explained Sergey Novikov, deputy director for the global research and analysis team at Kaspersky Lab.

According to Novikov, the majority of the pyramid (90%) is made up of traditional cyber threats. The second layer (about 9.9%) is much more interesting. These are more targeted and strategic attacks, like cyber espionage. The final layer (currently making up less than 1%) consists of threats relating to cyber warfare attacks on critical infrastructure.

As cyber criminals become more advanced, the dimensions of this pyramid change and we need to prepare for these changes, he concluded. Proper cyber security is all about preparing for tomorrow's threats, today.

Login with