Subscribe
About

What makes SA a target for cyber crime, what actions can be taken?

By Eleanor Barlow, Content Manager at SecurityHQ

As per INTERPOL’s African Cyberthreat Assessment Report 2022, a total of 230 million cyber threats were detected in South Africa, out of which 219 million, or 95.21%, were e-mail-based attacks. What’s worse is that the nation is already suffering from an alarming 100% increase in mobile banking application fraud and is experiencing on average 577 malware attacks every hour.

But what are the loopholes in South Africa’s cyber security system that bad actors are taking advantage of? I aim to cover just that in this press release.

There are three primary reasons that make South Africa particularly susceptible to cyber crime.

1. Poor investment in cyber security systems

Compared with other nations, South Africa has comparably weaker cyber defence systems in place. High poverty rate, inequality, low employment rate, shortage of skilled labour and the struggle to keep up with the sophistication and number of cyber crimes are some reasons that count towards the nation’s struggle to combat online attacks.

Although there is a recognition of the need for more stringent cyber security systems, a shortage of funds and skilled tech workforce can often impede efforts.

2. Lack of awareness

Not only is there a lack of training, but the rapid transition to remote work culture has increased exposure, creating a breeding ground for cyber attacks to take place both in and outside the office, and against both personal and business devices.

3. Antiquated laws and poor law enforcement training

Hackers take advantage of the fact that cyber crime legislation and training for law enforcement are weak in developing countries. Although South Africa’s Cyber Crime Bill was adopted as law in 2021, it still lacks proper training for many cyber police.

“It has been acknowledged that South Africa is often a target for cyber crime and is among the highest cyber attack regions in the world. General opinion will tell you the lack of investment in cyber security has been, and remains, a problem that contributes to making South Africa an attractive place for cyber criminals. Another challenge, which is a problem worldwide and even more prevalent in this region, is the availability of technical resources from a support and analytical perspective,” said Rob Griggs, Regional Managing Director of SecurityHQ, SA, and John Taylor, Regional Sales Director of SecurityHQ, SA.

Real-life examples of cyber attacks in South Africa

In October 2021, hackers hit the City of Johannesburg with a network breach. As a precautionary step, key government e-services were halted. The hackers demanded a hefty ransom of R500 000 or US $37 000.

Around the same time, a chain of DDOS attacks was launched against multiple banks in South Africa, including Standard Bank and ABSA. Hackers launched the attacks on payday, which significantly delayed pay cheques. Much like in the attack against the City of Johannesburg, malicious actors again demanded ransom in Bitcoins.

In February 2022, a highly sophisticated ransomware attack was attempted against internet service provider RSAWEB. The company discovered the attack in time, and contained it, followed by restoring services to customers. RSAWEB claims that no customer data was accessed or exploited by threat actors. They were lucky, but many organisations throughout South Africa are targeted every day with ransomware attacks.

Click here to learn about: The Real Cost of a Ransomware Attack and How to Mitigate Ransom Threats.

How to enhance cyber security at both personal and organisational levels?

Threat actors are becoming more sophisticated with their techniques. As a result, new tools, vulnerabilities and attack vectors surface daily, but following a few best practices can help avert cyber attacks.

  • Access only HTTPS websites

HTTPS websites are secured. A padlock sign in the URL bar indicates that the connection between your web browser and the website server is encrypted. It protects you from eavesdroppers or hackers intending to intercept communication between your browser and website server.

  • Keep your software and devices updated

Updated and patched software and devices are fuelled with updated codes that are capable of combating newly discovered tactics and procedures. Do not overlook update notifications.

  • Implement a firewall

A firewall uses a set of updated rules to spot and block malicious traffic. A firewall is your first line of defence against malicious and anomalous activity. It is a crucial element that keeps out dangers, controls and monitors activity, accepts, rejects and drops access.

  • Regular and high-quality backup

A regular and clean backup can mean a vital difference to securing your information in the event of a ransomware attack. Follow the 3-2-1 backup rule, whereby you make three copies of data, stored in different locations.

  • Scan and monitor

Daily scanning and monitoring for malware, vulnerabilities and other issues are required. This is the only way to be aware of security issues targeting your data, people and processes.

  • Invest in e-mail authentication

E-mail authentication protocols add another level of security to your daily operations.

You can choose how recipients’ mailboxes should treat e-mails failing authentication checks by setting policies. Learn more about e-mail security here.

Invest in TRI and penetration testing services

SecurityHQ’s Threat & Risk Intelligence (TRI) service involves the analyses of data to identify threat actors and vectors victimising business. It maps your digital footprints with attack tactics to understand the surface exposure from a hacker’s point of view. View, monitor, prioritise and analyse all digital elements of your organisation, including internet, applications, systems, cloud and hardware. Harvest information from the dark web, deep web and public domain for complete visibility.

Penetration testing involves simulating an attack on your network surface to identify security loopholes. Hunt for, and highlight, vulnerabilities in your network by emulating real-life external and internal attacks. Testing conducted in a controlled environment, without compromising routine business activities.

If you live or work in South Africa and want to enhance your cyber security posture, reach out to a member of our team or speak to one of the local team members, based in Johannesburg, for more information. Fill out this form and our security experts will get back to you.

Share