The ransomware industry is flourishing in South Africa, while business are largely unprepared for the business interruption and financial fall-out of a breach.
In a recent Carte Blanche episode, the investigative news programme revealed that South Africa had been ht by numerous major cyberattacks during 2019. State agencies were key targets: the Civil Aviation Authority was hit in July 2019; City Power was hit with ransomware twice in a matter of months. Both incidents occurred at the end of the month when most South Africans receive their salaries and do payments, highlighting the fact that ransomware attackers will exploit flaws in IT infrastructure at critical times to gain optimum leverage.
In July 2019, South Africa also experienced the longest running cyber-attack campaign among all the regions monitored by email and data security company Mimecast, according to its quarterly Threat Intelligence Report. Four major cyber-attack campaigns were detected in South Africa between July and September and several local financial services companies bore the brunt. According to Mimecast, it detected more than 116 000 attacks in SA over an eight-day period in July by an unknown actor or group, using various malware types.
The increasing frequency and voracity of cyber concerns are mirrored in Aon’s 2019 Global Risk Management Survey where participants ranked cyberattacks and data breaches as #6 in the top 10 risks facing organisations today. Startling figures are changing business and public perceptions of cyberattacks:
- Malware attacks in SA increased by 22% in the first quarter of 2019 compared to the first quarter of 2018, translating to around 13 842 attempted cyberattacks per day – Kaspersky Lab.
- A data breach in South Africa costs an average of R36.5 million, and the long tail costs of a data breach can be felt for years after the incident. SA ranked 7 out of 16 countries polled for the highest cost of a cyber breach. – IBM security study conducted by the Ponemon Institute.
- Alarmingly, in terms of the cost per record breached, SA ranks much higher at 11 on a scale of 16 polled countries, costing US$155 per record – the same as for the UK and not that far behind the US ($242 per record), which is alarming when you consider the size of the US economy compared to South Africa. – IBM security study conducted by the Ponemon Institute.
- In 2019 in South Africa, the average time to identity a breach was 175 days and 56 days to contain it. IBM security study conducted by the Ponemon Institute.
- Large businesses are not the only targets and hackers are indiscriminate. In fact 43% of cyber-attacks target small businesses according to the Verizon 2019 Data Breach Investigations Report (DBIR).
- Small businesses face disproportionately larger costs relative to larger organisations, which can hamper their ability to recover financially from the incident. IBM security study conducted by the Ponemon Institute.
- Lost business was the biggest contributor to data breach costs. The loss of customer trust had serious financial consequences for the companies studied, and lost business was the largest of four major cost categories that contributed to the total cost of a data breach. IBM security study conducted by the Ponemon Institute.
Visit the next page to read about why cybercrime has become so rampant, and how you can protect yourself.
TikTok takes on COVID-19
The fastest growing social media platform in the world has also become an epicenter of public education about the coronavirus, attracting more than 30-billion views, writes ARTHUR GOLDSTUCK
The young have been getting a bad rap for wanting to party on while COVID-19 sends the world into lockdown. But a different movie is playing itself out on the social platform that is growing fastest among teenagers: TikTok.
Awareness campaigns by TikTok itself, collaboration with the International Red Cross, and spontaneous videos made by TikTok creators have combined into a barrage of information, education, awareness and social consciousness around the coronavirus.
Both globally and in South Africa, TikTok’s COVID-19 campaigns have gone viral.
The local #HayiCorona challenge, designed to remind people not to touch their face and wash hands regularly, has passed 1.5-million views. The TikTok collaboration with the International Red Cross, the #WashingHands challenge, has passed 12.6-million views.
One of the best-known participants in these challenges is the past year’s icon of South African talent, the Ndlovu Youth Choir, took up the global challenge with a 20-second hand-washing video. It put together a performance that brings tremendous energy to what can be a clichéd message, and ends with a punt for the Department of Health’s WhatsApp information service. The video can be viewed below.
“On a global scale, TikTok also partnered with the World Health Organization (WHO) to ensure that, while creators are still having fun and expressing themselves on the platform, they stay informed with COVID-19 information coming from a reliable source,” a TikTok spokesperson told us. “Through the partnership, the WHO has created an informational page on TikTok that offers information to curb the spread of the coronavirus as well as dispelling myths.”
The page can be viewed at https://vm.tiktok.com/GHTEGf
TikTok has hosted a number of livestreams with WHO experts, attracting users from more than 70 countries, tuning in for live question and answer sessions. It has also introduced labels on coronavirus-related videos, to point users to trusted information. Resources are also offered directly in the app and in a dedicated COVID-19 section of TikTok’s Safety Center, at https://www.tiktok.com/safety/resources/covid-19.
If users simply want to explore videos on the topic, they can search via the #coronavirus hashtag, or click on https://vm.tiktok.com/swKbn4. The hashtag has had an astonishing 33.8-billion views, indicating the scale of activity and interest around the topic on the platform.
Read more on the next page about how South Africans have embraced the campaign.
On World Backup Day: backup, backup, backup
It was World Backup Day yesterday, 31 March, at a time when business continuity is threatened as never before. That makes calls for protecting email and defending against ransomware all the more urgent.
The global coronavirus pandemic has brought into stark relief many organisations’ lack of business continuity plans and policies. With more than two billion people around the globe in forced lockdown in wide-ranging government efforts to stem the tide of infections, an unprecedented number of employees are working remotely.
This interruption to the normal way of work is precisely what an effective and resilient business continuity strategy should plan for, says Heino Gevers, cybersecurity specialist at Mimecast.
“Companies need uninterrupted access to critical business applications during times of disruption, including safe and secure web and email access for workers that are now operating outside the normal perimeters of the organisation,” he says. “In addition, comprehensive backup and archiving solutions should be ready to restore access to critical business applications should there be any unplanned downtime to ensure continuity until the crisis passes.”
According to Gevers, the current global crisis is likely to push business continuity up the list of priorities for many organisations that have been disrupted by the effects of the coronavirus.
“Organisations are facing new challenges to their productivity; for example in terms of technical support. If a remote user is infected with malware or ransomware, how does the IT team restore that device or do any remediation without being able to physically access it?”
Gevers advises that organisations implement tools that enhances the data protection capabilities of commonly-used tools such as Office365 and can leverage archived data to provide quick recovery of email data in the event of accidental loss, malicious attacks or technical failure.
“As adoption of cloud-based business applications grow in the wake of forced lockdowns around the globe, companies need to ensure they have the tools to recover in any situation,” he says. “This includes a data management strategy that combines archiving, backup and data protection capabilities to allow for quick restoration of critical systems and applications in the event of disruption.”
Jasmit Sagoo, head of technology at Veritas for the United Kingdom and Ireland, warns that this is a golden age for cybercriminals looking for ransomware opportunities.
“As the global cost of ransomware continues to grow, this World Backup Day,
Veritas is saying: ‘don’t pay up, back up!’,” he says. “Ransomware is
said to generate an estimated annual revenue of $1 billion a year, and
companies who are not consistent in backing up their data are allowing
criminals to line their pockets.
“Ransomware attacks exist only because some businesses can’t survive unless the hackers give them back their data. So, the key to survival is removing that reliance and being able to regain access to data, without engaging with the cybercriminals. The best way to do that is with a sound backup strategy.
“Sagoo advises organisations to create isolated, offline backup copies of their data to keep it out of reach of any attackers. They then need to proactively monitor and restrict backup credentials, while running backups frequently to shrink the risk of potential data loss. Businesses should also test and retest their ransomware defences regularly.
“Ransomware strikes without warning and it doesn’t discriminate between its targets – it can happen to any organisation, large or small. Despite their best efforts, most companies will fall to at least one attack. What distinguishes one victim from another is the ability to bounce back, which ultimately depends on its backup strategy.
“When ransomware hits, organisations that aren’t prepared often feel helpless to do anything other than to submit to their attacker’s demands. That’s why we’re urging all businesses to use World Backup Day as a catalyst to get ahead of the situation and get their data protected.”