
Featured

It’s Safer Internet Day: prepare for unprepared customers

Organisations can no longer rely on their customers being cyber aware about malicious mails exploiting their brand, writes HEINO GEVERS, cybersecurity specialist at Mimecast

Over the past 12 months, South African public and private sector organisations have fallen victim to a range of sophisticated cyberattacks that have disrupted business operations and resulted in reputational damage, loss of productivity and finances.

Most organisations have to protect against a growing list of attacks including phishing, ransomware, impersonation fraud and insider threats. IT security teams are often overwhelmed and under-resourced, making it increasingly difficult to detect and defend against cyberattacks. That many end-users remain unaware of how to identify and stop incoming threats only adds fuel to the fire.

But beyond protecting their own organisations from these attacks, security leaders need to take an expanded view that protects their customers too. Especially as we mark Safer Internet Day (today, 11 February), organisations can no longer rely on their customers being cyber aware when it comes to malicious mails exploiting their brand.

In the past, service providers tended to pass the buck when their customers fell victim to a scam impersonating them. It was easy to blame the individual’s misfortune on their own poor cyber awareness. But as cyberattacks have become more sophisticated, the buck now stops with the brand.

Organisations are no longer excused from looking beyond their own security perimeter to protect customers and partners. It’s surprisingly easy for attackers to impersonate a brand on the internet. Even an unsophisticated attacker can register a domain similar to a well-known brand and draw customers, partners and the public to it. Because there’s an underlying level of trust in the brand they are impersonating, there is an elevated risk of customers clicking on a link that deploys malware to their device, or sharing personal information that is used later for financial gain.

Nine out of ten cyberattacks globally use email as the primary attack channel. Business email can be used to give criminals access to confidential information, gain control over an organisation’s IT assets and disrupt business operations. 

We advise that organisations employ a cyber resilience strategy by implementing effective security controls to detect and protect against a cyberattack, advanced archiving and business continuity tools to ensure productivity during an attack, and the ability to quickly recover data and restore business systems in the wake of an effective cyberattack.

Effective security controls must include protection from external threats at the email perimeter and internal threats within the network and organisation. Organisations then need to look beyond the perimeter to ensure their brand isn’t being impersonated to target external email users like customers.

While it might seem obvious, there are still some organisations that aren’t protecting themselves from emails containing malicious links or malware within attachments.

First and foremost, organisations need to implement effective controls at the perimeter to detect phishing, spear-phishing and malware attacks. But it doesn’t stop there. Criminals often try to bypass perimeter security by using a compromised employee’s account or social engineering to transmit email from an internal network, which can then expose organisations to immense risk. All it takes is for one employee to click on a malicious link or open a compromised attachment to put the entire network at risk. Regular awareness training should be the norm for South African organisations to ensure their employees have the knowledge to identify and avoid risky behaviour.

Protecting an organisation from brand impersonation is then the third and often overlooked step to ensuring pervasive protection.

Organisations should look at tools such as DMARC to protect the domains owned by the organisation from impersonation and fraud. This should be supported by the ability to proactively hunt for domain and brand abuse, and the power to take down fraudulent sites aiming to exploit customers and partners. Unfortunately, cyberattacks like this exploit, and can ultimately destroy, the value and trust that a brand owner may have taken years or decades to build. So it’s really in the interest of the brand to take the correct measures to prevent this from happening.

TikTok takes on COVID-19

The fastest growing social media platform in the world has also become an epicenter of public education about the coronavirus, attracting more than 30-billion views, writes ARTHUR GOLDSTUCK

The young have been getting a bad rap for wanting to party on while COVID-19 sends the world into lockdown. But a different movie is playing itself out on the social platform that is growing fastest among teenagers: TikTok.

Awareness campaigns by TikTok itself, collaboration with the International Red Cross, and spontaneous videos made by TikTok creators have combined into a barrage of information, education, awareness and social consciousness around the coronavirus.

Both globally and in South Africa, TikTok’s COVID-19 campaigns have gone viral.

The local #HayiCorona challenge, designed to remind people not to touch their face and wash hands regularly, has passed 1.5-million views. The TikTok collaboration with the International Red Cross, the #WashingHands challenge, has passed 12.6-million views.

One of the best-known participants in these challenges, the past year’s icon of South African talent, the Ndlovu Youth Choir, took up the global challenge with a 20-second hand-washing video. It put together a performance that brings tremendous energy to what can be a clichéd message, and ends with a punt for the Department of Health’s WhatsApp information service. The video can be viewed below.

@ndlovuyouthchoir

Our community has limited access to running water. Follow these instructions on how to safely wash your hands using a bucket. #coronavirus #washinghands


“On a global scale, TikTok also partnered with the World Health Organization (WHO) to ensure that, while creators are still having fun and expressing themselves on the platform, they stay informed with COVID-19 information coming from a reliable source,” a TikTok spokesperson told us. “Through the partnership, the WHO has created an informational page on TikTok that offers information to curb the spread of the coronavirus as well as dispelling myths.”

The page can be viewed at https://vm.tiktok.com/GHTEGf

TikTok has hosted a number of livestreams with WHO experts, attracting users from more than 70 countries, tuning in for live question and answer sessions. It has also introduced labels on coronavirus-related videos, to point users to trusted information. Resources are also offered directly in the app and in a dedicated COVID-19 section of TikTok’s Safety Center, at https://www.tiktok.com/safety/resources/covid-19.

If users simply want to explore videos on the topic, they can search via the #coronavirus hashtag, or click on https://vm.tiktok.com/swKbn4. The hashtag has had an astonishing 33.8-billion views, indicating the scale of activity and interest around the topic on the platform.

On World Backup Day: backup, backup, backup

It was World Backup Day yesterday, 31 March, at a time when business continuity is threatened as never before. That makes calls for protecting email and defending against ransomware all the more urgent.

The global coronavirus pandemic has brought into stark relief many organisations’ lack of business continuity plans and policies. With more than two billion people around the globe in forced lockdown in wide-ranging government efforts to stem the tide of infections, an unprecedented number of employees are working remotely.

This interruption to the normal way of work is precisely what an effective and resilient business continuity strategy should plan for, says Heino Gevers, cybersecurity specialist at Mimecast.

“Companies need uninterrupted access to critical business applications during times of disruption, including safe and secure web and email access for workers that are now operating outside the normal perimeters of the organisation,” he says. “In addition, comprehensive backup and archiving solutions should be ready to restore access to critical business applications should there be any unplanned downtime to ensure continuity until the crisis passes.”

According to Gevers, the current global crisis is likely to push business continuity up the list of priorities for many organisations that have been disrupted by the effects of the coronavirus.

“Organisations are facing new challenges to their productivity; for example in terms of technical support. If a remote user is infected with malware or ransomware, how does the IT team restore that device or do any remediation without being able to physically access it?”

Gevers advises that organisations implement tools that enhance the data protection capabilities of commonly-used tools such as Office365 and can leverage archived data to provide quick recovery of email data in the event of accidental loss, malicious attacks or technical failure.

“As adoption of cloud-based business applications grows in the wake of forced lockdowns around the globe, companies need to ensure they have the tools to recover in any situation,” he says. “This includes a data management strategy that combines archiving, backup and data protection capabilities to allow for quick restoration of critical systems and applications in the event of disruption.”

Jasmit Sagoo, head of technology at Veritas for the United Kingdom and Ireland, warns that this is a golden age for cybercriminals looking for ransomware opportunities.

“As the global cost of ransomware continues to grow, this World Backup Day, Veritas is saying: ‘don’t pay up, back up!’,” he says. “Ransomware is said to generate an estimated annual revenue of $1 billion a year, and companies who are not consistent in backing up their data are allowing criminals to line their pockets.

“Ransomware attacks exist only because some businesses can’t survive unless the hackers give them back their data. So, the key to survival is removing that reliance and being able to regain access to data, without engaging with the cybercriminals. The best way to do that is with a sound backup strategy.

Sagoo advises organisations to create isolated, offline backup copies of their data to keep it out of reach of any attackers. They then need to proactively monitor and restrict backup credentials, while running backups frequently to shrink the risk of potential data loss. Businesses should also test and retest their ransomware defences regularly.

“Ransomware strikes without warning and it doesn’t discriminate between its targets – it can happen to any organisation, large or small. Despite their best efforts, most companies will fall to at least one attack. What distinguishes one victim from another is the ability to bounce back, which ultimately depends on its backup strategy.

“When ransomware hits, organisations that aren’t prepared often feel helpless to do anything other than to submit to their attacker’s demands. That’s why we’re urging all businesses to use World Backup Day as a catalyst to get ahead of the situation and get their data protected.”

Copyright © 2020 World Wide Worx