You could be forgiven for believing ransomware has already peaked. After all, few organisations in South Africa have experienced it on various levels since 2017’s WannaCry attack. Yet ransomware is hardly a spent force. If anything it’s become normalised. Kaspersky detected 16,017 new ransomware modifications in Q2 2019, more than double it discovered in the same period last year.
Ransomware is now big business. With estimated annual revenues of $1 billion, it’s become a parasitic sub-economy whose continued rise seems inexorable. However, as ever, it’s not a price worth paying. The average attack costs businesses over $133,000 and does long term damage to reputation and customer confidence. What’s more, paying the ransom is no guarantee you will get your data back – 20 per cent of paying victims never reclaim their stolen data.
Data is your strongest asset, but it can also be your biggest weakness. It helps you anticipate change and cater to your customers, but it is also becoming more complex, varied and difficult to protect. To stop it falling into the wrong hands, you must have a strong security configuration and backup strategy in place. Now more than ever, you also need to put it through its paces.
Prepare to fail
A strong ransomware defence strategy delivers protection at depth and at all levels. You should have a strategy to proactively search for and fix system vulnerabilities, and deploy solutions for network monitoring, threat intelligence and endpoint detection. By covering all bases, you give potential attackers nowhere to hide.
However, threat prevention by itself is no longer enough. You can have in place the most comprehensive prevention strategy possible, but failure is inevitable at some point in your system’s lifecycle. Indeed, more than 77 per cent of ransomware victims were running up-to-date endpoint protection when they were breached.
Ransomware is no longer a cottage industry of lone wolf operators and small groups. It’s the weapon of choice for state actors and well-resourced criminal outfits. Cybercriminals don’t have the distraction of needing to operate a business – they can focus solely on their goal of breaching your defences. What’s more, they constantly evolve their techniques and technologies, and can do it much faster than you can refresh your perimeter defences.
Without a detailed incident management and response plan, one bad day could turn into a long-running disaster for your organisation. You can’t defend yourself from every potential ransomware attack, so a comprehensive backup plan is crucial. This means creating and maintaining multiple copies of important data, both locally and in the cloud. You should be aware of how your backups are created, where they are stored in your organisation and, most importantly, how your backup strategy performs under pressure.
You don’t have a backup plan until you’ve tested it
Despite the heightening threat of ransomware attack, organisations often still neglect to put their backup strategies into practice. There’s a perception of ‘it could never happen to me’ among many data officers and managers, but ransomware attacks are worryingly common – across Europe, the Middle East and North America, more than a third of finance and insurance companies have been victims. A ransomware attack isn’t a question of if, but when.
Complacency only puts your data in danger. If failure is inevitable then you shouldn’t be caught unprepared. Backup plans are complex and multi-layered, spanning across multiple data and cloud environments. It’s hard to predict how your backup plan will interact with all these systems until you put it into action.
Stress testing your backup configuration reveals cracks and vulnerabilities you otherwise would never have discovered. Are your backups sufficiently isolated to avoid infection from spreading, do you have enough copies of valuable data and are you retaining those copies long enough? Only regular fire drills and tests can answer these questions conclusively.
A stress test could be something as simple as staff checking to ensure a backup site will go live should the main application fail, or performing a single file recovery and checking the recovered copy matches the original. What’s important is that these tests are regular, repeatable and a crucial part of your backup strategy.
It’s important to stress that you can’t just focus on the resilience of your primary data. The secondary data you create through backups and copies also needs to be properly defended and tested under your policies. Review how your backups are saved and then put them through the same process as your primary data. What’s more, a number of backup solutions are building ransomware resiliency capabilities into how secondary data is stored and accessed – take advantage of these.
Stress testing isn’t a case of better safe than sorry, it has real benefits to an organisation. Rehearsing your backup strategy improves response times and shortens the delay between losing your data and getting it back. This is increasingly important in a connected world where losing access to data can swiftly derail business continuity.
When it comes to ransomware, prevention is no longer enough. You need to have a data backup plan, and that plan has to be measurable and repeatable to keep pace with today’s fast-moving attackers. You can’t say you’ve truly recovered from a ransomware attack if it has done damage to your business through downtime and data loss. A tried and tested approach will not only boost response and resilience, it will deliver confidence to customers and stakeholders.
Black Friday, Cyber Monday, shot the lights out
The numbers are in, and it shows that the start of holiday season shopping in South Africa saw spectacular growth
Black Friday and Cyber Monday continues to be a hit in South Africa, with both days exceeding expectations.
“Black Friday did not disappoint,” says Solly Bellingan, head of customer relations at BankservAfrica. “Despite the tougher economy, it seems South Africans took advantage of the days’ special deals with in-store and online transaction volumes reflecting strong year-on-year growth. Both days have certainly made their mark amongst local retailers and shoppers,
South Africans shopped up a storm with the total number of Black Friday transactions processed by BankservAfrica, in-store and online, at 7,077,117 (*) in 2019 – 36% up from 2018’s 5,204,594. This translates into a total spend of R6-billion, an impressive 106% increase on 2018’s R2.9-billion.
When compared to 2018, it seems bargain hunters decided to get the best deals early with a 33% year-on-year increase in sales at midnight. The 12-hour period between 06:00 and 18:00 proved to be busiest, with similar volumes being processed each hour. The highest number of transactions processed in a 60-minute period was between 10:00 and 11:00 at a volume of 595,792.
“3D-Secure, our online card authentication service, i.e. transactions that require a one-time pin(**), showed steady growth this year with a 32% year-on-year increase on Black Friday and transaction volumes reaching a total of 534,828,” says Bellingan. The busiest shopping times were between 09:00 and 10:00 in 2019 compared to the earlier start in 2018 at 08:00 to 09:00.
“The most expensive online transaction recorded on Black Friday was for a hospitality purchase of R10,067,400 by an international company. The most uses by one card was 83. During peak, we processed 717 transactions while the average was 371 per minute for the day.”
Cyber Monday was less active than Black Friday with a 42% growth in online transactions that reached a volume of 249,908 in 2019 (up from 176,595 in 2018). However, in both years, most of the transactions took place between 10:00 and 11:00, with the most expensive being R1,997,800 and 151 uses by one card. The highest average transactions per minute was 322 at peak and 173 per minute for the day.
“This year’s Black Friday and Cyber Monday data mirrors the global data of record-breaking sales – and the BankservAfrica featured figures are only a portion of the entire sales figures for both days,” says Bellingan. “It will be interesting to see if these manage to outpace festive season spend this year.”
Visit the next page for insights gathered through the PayGate payment gateway.
Amazon records biggest ecommerce day ever
Amazon has announced that Cyber Monday was once again the single biggest shopping day in the company’s history, based on the number of items ordered worldwide. Customers all around the world shopped at record levels across a wide selection, with hundreds of millions of products ordered worldwide between Thanksgiving and Cyber Monday, alone. Customers purchased millions more Amazon Devices compared to the same period last year in Amazon’s Stores globally and the best-selling items were Echo Dot and Fire TV Stick 4K with Alexa Voice Remote.
“We’re focused on making this holiday season more convenient than ever for our customers, especially given how short this holiday shopping season will be,” said Jeff Wilke, CEO Worldwide Consumer, Amazon. “We are thrilled that customers continue to come to Amazon in record numbers to discover what they need and want for the holidays. Thank you to our customers and employees all around the world for making this holiday shopping weekend the best yet.”
Holiday Weekend Highlights:
- Customers worldwide purchased more toys this Black Friday and Cyber Monday combined than ever before. Among the tens of millions of toys purchased during this time period, best-sellers included LEGO Star Wars Darth Vader’s Castle, Monopoly Game: Disney Frozen 2 Edition and Hasbro games such as Jenga, Guess Who and Candy Land Kingdom of Sweet Adventures.
- Cyber Monday was the single biggest shopping day for Amazon Fashion worldwide, with more items purchased than any other single day in the company’s history. Best-sellers included Carhartt Men’s Acrylic Watch Hat and Champion Men’s Powerblend Fleece Pullover Hoodie.
- Amazon customers worldwide ordered more than 25 million home items on Black Friday and Cyber Monday, combined.
- Best-sellers on Black Friday in the U.S. included Echo Dot, Fire TV Stick with Alexa Voice Remote, Instant Pot Duo80 – 8 Quart, 23andMe Health + Ancestry Service: Personal Genetic DNA Test, L.O.L. Surprise! Winter Disco Bigger Surprise and iRobot Roomba 675 Robot Vacuum.
- Customers worldwide purchased more than four million beauty products this Cyber Monday compared to last year, with best-sellers including Oral-B Genius Pro 900 Electric Toothbrush, Lagunamoon Essential Oils Top 6 Gift Set and L’Oreal Paris Voluminous Makeup Lash Paradise Mascara.
- Top-selling categories worldwide include Toys, Home, Fashion and Health and Personal Care.
- The best-selling products in Amazon’s Stores on Cyber Monday in the U.S. included Echo Dot, Fire TV Stick with Alexa Voice Remote, Play-Doh Sweet Shoppe Cookie Creations, Keurig K-Cafe Coffee Maker and LEGO City Ambulance Helicopter 60179 Building Kit.
- Independent third-party sellers in Amazon’s Stores — mostly small and medium-sized businesses – sold more items during Cyber Monday 2019 than any other 24-hour period in the company’s history.
- For the third year in a row, Whole Foods Market broke its all-time record of turkeys sold during the Thanksgiving season.
- Amazon delivered millions of grocery items to Prime members in the U.S. through the five days between Thanksgiving and Cyber Monday. Best sellers from Amazon Fresh and Whole Foods Market delivery included Honeycrisp apples, lemons and avocados.
- Top selling items at Amazon Books and Amazon 4-star stores over the holiday weekend included the Amazon Smart Plug, Echo Dot and All-New Echo Dot Smart Speaker with Clock, L.O.L. Surprise! Dolls, Wrecking Ball (Diary of a Wimpy Kid Book 14), and the Wyze Cam 1080p HD Indoor Wireless Smart Home Camera with Night Vision.
Record-Breaking Weekend for Devices
- Shoppers purchased a record number of Amazon Devices globally this holiday weekend.
- Amazon customers worldwide purchased millions more Amazon Devices, compared to the same period last year in Amazon’s Stores globally, including Echo devices, Fire TV devices, Kindle devices, and Fire tablets.
- It was a record-breaking holiday shopping weekend for smart home devices in Amazon’s Stores globally with shoppers purchasing millions of smart home devices, including iRobot Roomba 675 Robot Vacuum, Furbo Dog Camera, and Wemo Mini Smart Plug.
- The best-selling products in Amazon’s Stores globally were Echo Dot and Fire TV Stick 4K with Alexa Voice Remote.