The spate of cyber-attacks such as the recent Petya ransomware and the related WannaCry a few months ago, have left many organisations in Europe and Asia crippled. The malicious software has spread through large firms leading to corporate data being ‘locked up’ and held for ransom. Now that the recent Petya ransomware has spread to South Africa, local companies need to gear themselves for the third-wave of similar cyber-attacks.
Ransomware essentially takes over a user’s computer, infecting it when the user opens an attachment. This results in documents on the PC being ‘locked’. The user receives a demand for a ransom, usually requested in Bitcoin, in exchange for a decryption key to unlock the data. Newer waves of ransomware like Petya, however, don’t stop at a single user’s device, spreading rapidly into the systems of entire organisations with damaging – and costly – consequences.
South African industry has not and is not exempt from this threat. Consequently, South African businesses should actively continue to invest in measures to protect themselves. This begs the questions, where can we start, and who should be taking ownership of ensuring these threats do not affect South African businesses and government?
Vikas Kapoor, Practice Head of Cyber Security and GRC at In2IT, says, “Ransomware is unique among cybercrime because in order for the attack to be successful, it requires the victim to become a willing accomplice after the fact. This can be avoided if people practice safer browsing and computing habits.”
Kapoor cautions South African businesses and government to start working in their own capacity to protect themselves, and collectively to protect their industry. Implementing basic IT security and safety practices starts at a grassroots level, which often gets ignored due to focus on “blindly following the trends in security”.
In many countries across the globe, youths as young as 12 are being taught basic Internet safety practices in order to know how to identify risks. In an age where people are being given Internet capable devices from a young age, individuals should know what constitutes a suspicious file or attachment, how to securely navigate the Internet and social media, and what to do to protect yourself and your device from threats.
In South Africa, Internet safety for individuals is not typically a high priority. Many users of computers, tablets, and smartphones do not even have basic anti-virus software on their devices. With Shadow IT invading companies and employees using their own devices at the office, having an unprotected device connected to an organisational network can pose a significant threat, opening the door for hackers.
Educating the masses requires a large cultural shift and a top-down implementation. Governments can get involved by launching “Cyber Security focused” – startup community and school programs with mobile-accessible online education portals. These assist to teach people from an early age about the dangers of accessing the Internet and opening unknown attachments. Armed with proper knowledge of password protocols, safe IT and computer habits, and how to use anti-virus software, security can slowly become top of mind on an individual user basis.
From an industry and organisation perspective, In2IT’s CEO, Saurabh Kumar, says that organisations should be prioritising IT security, not just for now but with a strategic view of the future. “Organisations should have a roadmap which details their committed investments in security for the next three years. If not laid out, they put themselves at risk from newer threats as and when they arise. Ideally, these investments should include what technology they will use, the processes and compliance that they wish to implement, and the people and financial resources required to do so.”
As digital transformation gains momentum in South African, more and more business is taking place online and technology continues to proliferate every nook and cranny of industry. Cyber-attacks are liable to match this growth, putting business at ever-increasing risk. “A three-year strategy that looks at Cyber Security from a holistic way, and is continually updated to factor new and emerging threats, both within our borders and across the globe, is critical for South Africa”, says Kapoor.
According to Vishal Barapatre, Global CTO for In2IT, organisations can benefit from a co-sourcing model. “A co-sourcing model effectively spreads the risk of Cybersecurity between both the business and a cyber-security partner. What makes this so effective is that, while an organisation can implement all the tools required to protect itself, cyber security service providers remain at the forefront of knowledge. They understand what is occurring in the cyber security spheres and can take on the responsibility of ensuring systems remain current and protected against emerging threats. Co-sourcing, rather than outsourcing or insourcing, encourages threats to be responded to that much faster, mitigating the risk of infection at any given time.”
South African organisations need to have multiple security systems, software and devices across their network for full protection. This includes firewalls, intrusion detection systems, endpoint protection systems, breach detections systems, and a host of others. They should be immediately updated at every instance of a new threat, such as Petya and Wannacry. Third parties offer the resources, skills, services and real-time industry insights which can lift this responsibility from the organisation and help protect it in accordance with its security strategy, in line with its budgeted investment.