Following on this week’s Life Healthcare cyberattack, the issue of cyber security has once again been brought to the fore, as businesses and individuals are forced to evaluate whether measures in place are strong enough to withstand major breeches in their security.
Life Healthcare is the third major South African company that has been targeted by hackers this year. In February, Nedbank warned that the information of about 1.7 million clients were potentially affected by a data breach, and the following month chemicals and fertiliser maker Omnia Holdings said its IT infrastructure was subject to a cyberattack. Amongst the other big businesses that have been targeted in South Africa are Johannesburg City Council, Capitec Bank and Telkom.
The trend is also true for the rest of the continent. In Kenya, the National Youth Service (NYS) and Integrated Financial Management System (IFMIS) were among a host of government websites that were attacked by an Indonesia hacker group, Kurd Electronic Team.
According to Michael Tumusiime, Lead Security Engineer, at Checkpoint East Africa, a global powerhouse in cyber-security – businesses must look at threats from an architectural perspective. Considering the many attack surfaces, attackers can now get into environments a lot easier and quicker.
“We have mobile threats additionally with people working from home, the perimeter has moved therefore you can no longer protect your assets just by using perimeter security,” he says. “You need to think about the different ways that people access information and the different assets to protect against. Think mobile threats, think about security in the cloud, think about IoT devices and have a comprehensive security approach protecting those. It also helps if you have incidence response plan to help in the mitigation and recovery in case you get compromised.”
Eugene Kaspersky, CEO of Kaspersky Lab, echoed these sentiments.
“The recently reported cyberattack on a healthcare institution in South Africa highlights yet again the harsh reality that cybercriminals across the globe are continually on the look-out for ways to exploit the COVID-19 pandemic for their own gain,” he said.
“Regrettably, during the past months we’ve seen many cyberattacks on hospitals and health institutions around the world, and we consider them to be nothing less than terrorist attacks. Given that this global pandemic will likely continue for some time, we expect cybercriminals to keep exploiting the Coronavirus situation and, alas, we cannot rule out other healthcare institutions being targeted in future.”
According to Check Point, the consistent threat to companies of this size is due to the nature of cutting corners These institutions are cutting corners around cost and setup of technology and this directly relates to the challenges that they are experiencing, using technology that is not 99.9% bullet proof.
“What happened to Life Health is not unique, it is something that is happening globally. When Covid-19 kicked off we saw many customers in Europe being targeted with fictitious Covid related emails and domains,” it said in a statement. “Africa has followed closely behind as we are now starting to see these attacks reach our continent. We can also expect this trend to continue if companies use generation 3 and 4 security to ward off generation 5 and 6 attacks.”