Connect with us

Featured

How SA came under sustained attack from hackers

South Africa’s financial services sector experiences single longest running attack globally, according to new Mimecast report

Published

on

South Africa experienced the single longest-running cyber attack campaign of any country during a period monitored by Mimecast Limited, a leading email and data security company.

It revealed this finding in its quarterly Threat Intelligence Report: Risk and Resilience Insights, which provided technical analysis from the Mimecast Threat Centre from July -September 2019 on the nature of attack campaigns, in addition to observations and analysis of evolving threats. Outlining the trends emerging from these identified attacks and assessing the current behaviour of threat actors can help organisations better understand the impact these factors will have on the cybersecurity landscape in 2020.

The Mimecast Threat Intelligence Report includes analysis of 207 billion emails processed, 99 billion of which were rejected. The goal of the report is to keep organisations informed on the threats that are targeting their industries, so they can better prepare for, and protect themselves against threats inside, at and beyond the perimeter. This research looks through the lens of the four main categories of attack types discovered in the quarter: spam, impersonation, opportunistic, and targeted. 

This quarter’s report found that impersonation attacks are on this rise, accounting for 26% of total detections – and now includes voice phishing or “vishing,” an advanced attack observed in this quarter, where threat actors use social engineering to gain access to personal and financial information via the victim’s telephone system.

South Africa experienced the single longest-running campaign – an attack on several financial services systems in July – of any region under review. An unknown threat actor or advanced criminal group utilised ZIP, RAR and HTML files containing generic Trojans over an eight-day period encompassing more than 116 000 detections. Four major campaigns were detected in South Africa between July and September, of which the financial services sector suffered the brunt of the impact.

While the report uncovered a mixture of simple, low effort and low-cost attacks targeting Mimecast customers, the data also high­lights complex, targeted campaigns leveraging a variety of vectors and lasting several days. These sophisticated attacks are likely carried out by organised and determined threat actors, employing obfuscation, layering, exploits, and encryption to evade detection. Additionally, throughout the research, it was clear three industries were targeted the most by cyberattacks. Banking and legal, industries that are rich with sensitive information that yield results for threat actors and transportation, where state-sponsored threat actors seek to disrupt the logistical and supply capability of rivals.

“Threat actors seek numerous ways into an organisation – from using sophisticated tactics, like voice phishing and domain spoofing, to simple attacks like spam,” said Josh Douglas, vice president of threat intelligence at Mimecast. “This quarter’s research found that the majority of threats were simple, sheer volume attacks. Easy to execute, but not as easy to protect against as it shines a very bright light on the role human error could play in an organisation’s vulnerability. 

“Organisations need to take a pervasive approach to email security – one that integrates the right security tools allowing for greater visibility at, in and beyond the perimeter. This approach also requires educating the last line of defence – employees. Coupling technology with a force of well-trained human eyes will help organisations strengthen their security postures to defend against both simple and sophisticated threats.”

Of the 207 billion emails processed, there were 25 significant malware campaigns identified this quarter which incorporated Azorult, Hawkeye, Nanocore, Netwired, Lokibot, Locky and Remcos. The campaigns observed range from simple phishing campaigns to multi-vector campaigns alternating file types and attack vector, types of malware and vulnerabilities. 

Nanobot, Loki and Remcos were the most significant threats deployed against financial services in South Africa; they were utilised in concert with a range of generic Trojans. All the analysis discovered in the report is fed back into Mimecast engineering to enhance cloud-based security services, improving customer’s cyber resilience and helping them avoid disruptions to their business.

Additional key findings outlined in the report –

  • The majority of attacks are less sophisticated, high volume attacks – due to the ease of access for any individual to launch an attack and employees still clicking on malicious links
  • ZIP files accounted for 34% of file compression format attacks – consistently the most detected format due to reliance on human error
  • Researchers detected a complex range of malware, some of which has been around for many years, in addition to new threats. Malware threats are increasingly automated.
  • Top sectors targeted this quarter: transportation, storage and delivery, banking and legal

For the full Threat Intelligence Report, visit here.

Featured

Hi-tech reinvents the massage

Virtual reality is invading the world of health and beauty – or is the other way round? ARTHUR GOLDSTUCK discovers a new role for VR through the ancient art of massage.

Published

on

Sheer Bliss founder Nadine Hocter gives Bryan Turner a VR massage at the World Wide Worx offices

Imagine you are sitting at your office desk, stretched by deadlines and stressed by office politics. A minute later, you are sitting on a idyllic beach, watching the sunset, and someone is gently massaging your neck.

That’s probably a common fantasy, but now it is also a reality, thanks to the next big step in massage therapy. The ancient art is being transformed by virtual reality (VR), with massage clinics and therapists the world over discovering the transformative power of the technology.

In South Africa, the revolution is led by a company called Sheer Bliss, which works in the corporate space, mainly visiting company offices and call centres. The massage is quick – typically 6 minutes – but the combination of working the most stressed muscles and offering a brief escape to a beach paradise amplifies the experience.

Massage therapy goes back in history several thousand years, first as a sacred form of natural healing in India and later to pamper royals and the rich in ancient Egypt. These days, it is democratised, at least if you can afford it. But thanks to VR, it can now become a mass market experience. Sheer Bliss conducts an average of 27,000 massages a year, with teams in Johannesburg, Cape Town and KZN. Its mobile massage concept means it can also cater for conferences and large sporting events.

However, it’s not so much a case of VR saving the massage industry, as massage giving VR a boost, by providing a wonderful use case for its practical application.

“We needed to find something new to offer our customers,” says Nadine Hocter, founder of Sheer Bliss. “At the same time, we were looking at a way to future-proof the business. I was really lucky in that a group of MBA students at GIBS were given Sheer Bliss for their innovation project. 

“We spoke about various ways of making our original massage more immersive. VR was mentioned, but it was in a meeting with a client who wasn’t biting that we sold the idea. Without realising it at the time, our business moved into a class encompassing the 4th Industrial Revolution.”

Visit the next page to more about how Sheer Bliss became the first virtual reality massage therapy business in South Africa.

Previous Page1 of 3

Continue Reading

Featured

Drones fight forest fires

The South African forest fire season began a month ago, and an estimated 20807 hectares of land were burnt in the Western Cape.

Published

on

With such rampant and regular breakouts of forest fires, the quest to contain them before they cause widespread destruction, including property damage and loss of life, remains an issue of high importance for non-governmental organisations and the relevant government agencies. Equally important is the need to safeguard against the loss of the lives of firefighters during missions to contain these blazes.

As this continues being an issue, mainly because of the dense vegetation found in the Western Cape, coupled with the dry weather that is typical for this time of the year, the need to use unmanned aircraft to fight fires is ever increasing.

Drones are particularly crucial for forest fires that tend to get out of control quickly and that put both pilots and crew at risk. There’s only a small containment window between when the fire starts and when it gets out of control. Drones give firefighters a bird’s eye view of the terrain and helps them determine where the fire moves next so they can swiftly make decisions about where crews should go and who should be evacuated.

If you’re a firefighter responsible for forest fire response, mitigation and rescue, the benefits of drones are immense. We’ve detailed the main 4 benefits with supplemental stories below.

1. Drones Gather Situational Awareness in a Short Time

A drone helps you decide within minutes the type and amount of resources to send to the scene. Some drones are also equipped with thermal sensors, which uses infrared radiation to help first responders locate heat signatures of humans and fire hotspots that show where fires are most likely to spread. Even before your personnel arrive on the scene, commanders are able to make decisions just from these images live-streamed to their computers.

In early December whilst fighting a blaze, SanParks made use of a DJI drone with an infrared camera to capture images of the Rocklands fire in Simonstown.

In a similar incident in the German town of Hechingen, firefighters had to fight against winds that were spreading to nearby wooded and populated areas. The creeks had dried out while the first fire truck that arrived carried only 2,000 liters of water.

Hechingen’s Fire Brigade deployed DJI’s Matrice 210 ruggedised commercial grade drone, a Zenmuse XT thermal camera, and an X4S high definition visual imaging camera. These fed information to the incident commanders and helped them know where to direct their resources, how many units to send and where to increase water supply.  At the end, the crew extinguished the blaze with only 5,000 liters of water mixed with compressed air foam. The drones not only helped them save water but more importantly hastened reaction time helping the Brigade send crews faster to the scene with the exact manpower, units and supplies.

“The biggest advantage came to light during the search for hotspots and extinguishing them,” Hechingen’s Fire Chief Commander Bulach later told DJI, “The simultaneous deployment of the XT and X4S provided me with exact information about where to delete the hotspots and how long until we reached a safe state.”

2. Drones Protect Your Personnel

Drones help you monitor your crew to make sure you’re sending them in the right direction, that they’re safe and to help you determine whether to send backup forces.

On 13 August 2017, Yosemite firefighters battled a 9-day blaze in Southfork, California, that was complicated by weakened timber trees in the nearby region. Flying planes in the tight canyons was dangerous due to a bellowing column of smoke. At the same time, an unexpected thunderstorm spread the fire, blurring the firefighters’ primary containment line and threatening to spread to nearby villages.  The Yosemite fire-force used a DJI drone with the Zenmuse XT thermal payload in their pre-shift early morning hours to map fire lines and livestream information to controllers for operational decisions and situational awareness.  Tony Eggiman, Menlo Park FPD Fire Captain recalled, “the operations major told me later it brought his blood pressure from about 200 down to about 100. He was really happy.”

With aerial intelligence captured by drones, incident commanders can make better-informed decisions that keep firefighters safe while they plunge into fire and other dangerous spots to save other peoples’ lives.

 3. Drones Enable Fast Mapping for Incident Response as Well as for Post-Incident Recovery

Drone solutions for forest fire response typically carry two different cameras: a visual camera and a thermal camera. The visual camera gives you a real-time view of different situations, able to easily spot things such as your fire team or nearby equipment. The thermal camera scouts for heat signature of the human or fire hotspots.

Drones fly lower than helicopters, providing a more nuanced picture of the situation, and can navigate in tight or dangerous spaces where no helicopter pilot would dare to go. With thermal imaging capabilities, they can locate hotspots at a fire scene within seconds, and see people trapped even in areas of thick smoke.

Drones also play an important role after the fire has been put out. During the Carr Fire, crews piloted low-flying drones to capture 360-degree images of the destruction. For the residents forced out of their homes, this provided invaluable information on property damage to assess insurance claims in a faster time, letting victims more quickly take steps to rebuild their lives.

4. Drones Give you Accurate Intelligence for Informed Decision Making

Wildfires often involve large-scale operations where the incident commander must make decisions on personnel and resource deployment. Drones are effective intelligence generators that can capture detailed data and information from the field, and live stream back to the command centre. By having that real-time aerial view, you can see exactly what’s happening and don’t have to rely on second-hand information. You know what’s going on and where. You can also monitor your crew to see their location and that you’re sending them in the right direction.

Drones allowed firefighters of the Gaoming district, Foshan in South China to expertly evaluate 960 people when a fire broke out on Lingyun Mountain near the area, December 12, 2019.

The DJI Mavic 2 Enterprise Dual (M2ED) was flown out within minutes of the response team’s arrival at the incident for fast situational awareness. Two minutes later, the Matrice 210 V2 drone platform was launched, giving detailed information with its sensor’s 30 times zooming ability. The Mavic gave responders their quick incident overlook, while the Matrice provided detailed, high-resolution images for thorough situational awareness. The combination saved more lives, protected firefighters, and shaved firefighting costs. 

As Los Angeles Fire Department (LAFD) Battalion Chief Richard Fields, program coordinator, told the Board of Fire Commissioners in a March 2019 report, “Timely and accurate communication is essential in getting the right resources in place to mitigate an incident.”

Drones have gained a foothold in the sphere of public safety and forward looking government agencies are expanding their use in areas including environmental services, public works, transportation and rescue services. Download DJI’s whitepaper to explore the Best Practices For Deploying Drones At State And Local Government Level.

Continue Reading

Trending

Copyright © 2019 World Wide Worx