South Africa saw a sharp spike in network attacks from 15 to21 March 2020, with affected devices increasing in number from the usual average of 25,000 to peak at about 310,000, reports Kaspersky. The peak coincides with a massive increase in remote working in response to national emergency containment measures aimed at flattening the curve of spread of the Coronavirus (COVID-19) in the country.
“The region is seeing an increase in attempts to break into the organisations systems to establish control over them, sabotage their work, or access sensitive information,” says Maher Yamout, senior security researcher for the global research and analysis team at Kaspersky. “Remote working provides cybercriminals a prime opportunity to target devices, especially those that don’t necessarily have adequate IT security measures in place.
“Such a spike recorded, although temporary, leads us to believe that cybercriminals have keenly been focused on the region given the current circumstances – have been on the lookout for vulnerable devices to exploit – and likely due to the rapid increase in remote working protocols that have been initiated during this timeframe, especially since the growth in attacks continued until the weekend.”
The attack types used varied. A third of them were attempting to penetrate the network with brute forcing of passwords – repetitive attempts at various password combinations. This technique is very common and often works well with weak or repetitively used passwords or poorly configured systems.
Kaspersky, along with other market commentators, have recently shared advice linked to working from home strategies and the important security elements to consider, as this practice becomes more standard for many businesses in light of the global pandemic.
“Observing the statistics of network attacks for the past two months, we’ve never seen the numbers going above 45,000 attacks a day, while the last week saw this number reaching over 300,000,” says Yamout. “It certainly reinforces the need to institute critical security measures for remote working strategies, to ensure effective protection. However, with the spike dropping again, such advice is likely being onboarded and taken seriously.”
Kaspersky shares a recap of top tips employees can follow when working remotely:
- Make use of a VPN to connect securely to the corporate network
- Use multi-factor authentication wherever possible
- Ensure all corporate devices – including mobiles, laptops and tablets are protected with adequate security software
- Segregate your personal devices/life from corporate computers
- Ensure the latest available updates are installed regularly
- Only use corporate-approved teleconferencing software
basic cybersecurity rules:
- Do not click on emails from strangers or unknown sources
- Do not open attachments received from unknown senders
- Make use of strong passwords only
- Do not share passwords
- Don’t connect to unprotected or public Wi-Fi