Ransomware continues to threaten businesses in Africa and cyber security technology vendors urge vigilance, especially ahead of Black Friday, Cyber Monday and the festive season.
Mandy Duncan, country manager for HPE Aruba Networking South Africa, cites research by Interpol which states that cyber attacks in Africa have surged by 23% year-on-year, with ransomware being one of the most prevalent threats.
Duncan says dealing with ransomware effectively often means using a mix of security solutions. “If these solutions aren’t well-coordinated, it can lead to complexity, inconsistencies, and gaps in security. This makes it harder for teams to carry out the essential functions needed to guard against ransomware threats.”
‘Well-coordinated’ in this context means implementing a layered security approach where various solutions work together seamlessly to provide comprehensive protection against ransomware explains Duncan.
“This involves establishing and continuously monitoring trust across multiple layers of the IT architecture, preventing the complexity and gaps that a fragmented security approach can create. This cohesive implementation ensures that critical functions needed to protect against ransomware threats are effectively carried out.”
BEC threat
Mukondeleli Masiza, complex claims handler for liability, financial lines and cyber at Allianz Commercial South Africa, says organisations must watch out for business e-mail compromise (BEC).
“This period, characterised by increased workloads and a rush to meet annual targets, presents a ripe opportunity for cyber criminals to exploit vulnerabilities through BEC schemes. With employees often stretched thin and distracted, the risk of falling victim to such scams is significantly heightened, necessitating increased vigilance and proactive measures to safeguard against potential losses.”
Businesses must prioritise cyber security awareness and vigilance says Masiza. “This involves educating employees about the tactics used by cyber criminals and encouraging a culture of scepticism towards unexpected email requests, especially those involving financial transactions. Regular training sessions and phishing simulations can help reinforce these practices.”
Moreover, implementing robust email security protocols is crucial, adds Masiza. “Businesses should consider deploying advanced email filtering systems that can detect and block malicious content before it reaches employees' inboxes. Multi-factor authentication (MFA) for email accounts adds an additional layer of security, making it more difficult for unauthorised users to gain access.”
Intensified threat
In April 2024 Sophos released its State of Ransomware in South Africa in 2024 report based on the findings of a survey conducted between January and February 2024.
THe participants (330 IT professionals in mid-sized organisations in South Africa) were asked to respond based on their experiences in the previous 12 months.
According to the report, 69% of organisations were hit by ransomware in the last year. This is a decrease on the 78% reported in Sophos' 2023 survey but a substantial increase on the 51% reported in 2022. By comparison, globally, 59% of respondents said their organisation had experienced a ransomware attack in the last twelve months.
Furthermore, in 97% of ransomware attacks, cyber criminals tried to compromise the organisation’s backups, slightly above the global average of 94%.
“During peak shopping days, this threat intensifies,” explains Pieter Nel, sales director, SADC, Sophos. “With the surge in online deals, more employees may be shopping from their work computers, feeling that Black Friday or Cyber Monday is a legitimate time to do so. This increases the risk of them clicking more freely and potentially exposing the organisation to malicious links or phishing attacks."
Breaches costing millions
Centurion-based digital forensic and cyber security firm Cyanre has also conducted market research to provide more clarity to organisations.
The company was established in 2006 and is focused on cyber forensic investigations, IT risk management, data recovery and electronic discovery.
Cyanre released its mid-year report The Real State of Cyber Security in South Africa 2024, which provides insights into evolving cyber threat landscape, highlighting the latest trends, emerging threats, and effective preventative measures detected over the past four years.
The company stated that to date in 2024, they have observed a notable drop in the number of ransomware attacks, but an increase in data exfiltration cases. This could be attributed to a wider awareness regarding the threat of ransomware and the adoption of anti-ransomware measures.
“The reduction of the quantity of data being exfiltrated suggests that the perpetrators are becoming more selective, focusing on important or sensitive data instead of anything they can lay their hands on. While this could lead to fewer data subjects being affected, it is an extremely worrying trend that they are strategically targeting more sensitive, and therefore more valuable data,” reads part of an information sheet supplied by the company.
Share