Guard yourself as the fight against cyber crime intensifies
It’s no surprise that South Africa, like many countries, is facing a rise in cyber security threats, with the country going as far as implementing a new law to bring the country up to international standards for fighting cyber crime.
Ransomware has also grown in profile and impact within South African organisations, with these types of crimes having evolved far beyond their origins, particularly as the country is as connected as its counterparts elsewhere – and just as vulnerable to nationality agnostic attacks.
The cyber criminals behind these increasing attacks are introducing new threats and tactics to extract valuable data and millions in ransoms from prominent sectors, highlighting the ongoing importance for cyber security due diligence.
On a global scale, McAfee Enterprise’s latest Advanced Threat Research Report, which examines cyber criminal activity related to ransomware and cloud threats in the second quarter of this year, saw a surge in publicly reported incidents in the government (64%) and entertainment (60%) sectors. The report also reveals 73% of ransomware detections were specifically attributed to the REvil and DarkSide ransomware groups, both targeting large, high-revenue organisations.
What is driving the increase in cyber attacks?
There are two key motivations that are attributed to cyber criminal activity – financial and political. It is for these reasons that cyber crime, such as ransomware attacks, are not only increasing but are also becoming more high profile.
On a financial front, more companies have been willing to pay higher ransoms to get their data back. Ransoms of tens of millions of dollars are still less than the business cost of not being able to offer the services promised to their customers, and as a result, the asking price in ransoms from cyber criminals has gone up, making high-revenue organisations ideal targets.
Rising political tensions combined with financial motivations are one of many reasons cyber criminals target governments. In this instance, data tends to be more sensitive given the nature of the industries that are being targeted, such as schools, hospitals and other critical infrastructure across the nation. In fact, McAfee Enterprise’s Advanced Threat Report reveals that the financial services sector was targeted in 50% of the top 10 cloud incidents, including in the United States, Singapore, Chine, France, Canada and Australia.
As more people than ever are using IOT, cyber criminals have more targets to prey on. Combine this with the ‘working from home’ boom throughout 2020-2021 and cyber criminals were presented with an ideal environment ripe for the picking, helping to fuel the ongoing increase in attacks.
Fighting global threats, locally
“Global connectivity has meant that, more than ever before, South Africa is a part of the global village – and while that certainly comes with myriad benefits, it also comes with the need for an increased focus on cyber security for the state, enterprises and home users too,” says Carlo Bolzonello, country manager for McAfee in South Africa.
“The tendency, unfortunately, is to focus too much attention on the origin of a threat or an attack, rather than on its economic impact, how that can be reduced, and being sure of a return on investment in cyber defences,” he adds.
While there is a pro-cyber security mentality at a national level to combat the increase in ransomware attacks, there is still a lot of work to be done at an organisational level. Key initiatives organisations can embrace include:
- Introducing technical safeguards: Technical safeguards will aid in protecting your organisation from cyber attacks. Whether this is through proper authentication processes or introduction of access controls, up-to-date technical safeguards will protect an organisation’s private data. Organisations should also consider taking an extended detection and response (XDR) technical solution approach, which allows for the automation of collecting and correlating data across multiple security touch points.
- Reiterating best practices: Ongoing training and reminders at an employee level will aid in the reduction of any unauthorised access to your organisation's private data. Equipping employees with the basics in malware/ransomware and the various physical safeguards will empower them to identify any malicious behaviour and the steps needed to flag this with the relevant parties.
The agility, creativity and relentlessness of cyber criminals and their activity is not to be underestimated. Cyber threats are growing each day with organisations of all sizes succumbing to attacks that result in the loss of data and sometimes even millions or even billions of rands.