MENU

South Africa: A Hacker’s Paradise?

October 24, 2019 • Security, Southern Africa

Cybersecurity is a concern all across the globe and is especially prevalent in South Africa, where hackers focus much of their malicious efforts. This is true both at an enterprise level, with online businesses being targeted, as well as at a personal level with individual consumers who fall victim to Internet scams.

To date, the South African government has done little to boost cybersecurity awareness in the country. It’s up to citizens to be aware of online risks and take steps to protect themselves. Otherwise, virus attacks and data breaches will continue to be a part of the daily news cycle.

In this article, we’ll cover some of the common cybersecurity issues plaguing South Africa and look at what to expect in the future.

New Types of  Cyber Attacks

Cybercriminals typically have one of two motives when planning an attack: to make money or to cause destruction. The second scenario may be related to political beliefs or a desire to harm a specific organisation – simply causing a widespread website outage can let hackers accomplish their goals.

For this reason, companies in South Africa need to be aware of the distributed denial of service (DDoS) attacks. During one of these incidents, hackers will organise a network of bots that jam the business’s web servers with an overload of traffic, often causing hardware to crash and networks to become saturated.

When it comes to plotting money-making schemes, data is usually the target for hackers. In some cases, they will look to steal customer information, such as passwords or credit card numbers, and then sell it for a profit on the dark web. Or they may go the route of ransomware, in which the data is held hostage until the company pays a specific amount.

One example is when Liberty Holdings, a South African insurance company, fell victim to a cyber attack. Hackers managed to infiltrate the inner portion of their enterprise network and obtain records from back-end databases. Now the company must not only figure out how the criminals gained access but also how to prevent similar attacks shortly. 

Inherent Risks when it comes to the Cloud

The cloud computing movement has revolutionised how business is done online. New companies can launch websites and apps in a matter of minutes and at much lower costs than in the early days of the Internet. Back then, organisations would have to manage all of their servers and networks, whereas today, it can be outsourced to a reputable hosting provider like HostGator.

However, adopting a complete cloud approach does carry a certain level of risk. You are putting your software and data into the hands of a third-party vendor that may be the target of a larger cyberattack. For South African businesses, it’s critical to find cloud hosts that offer state-of-the-art security measures with 24/7 monitoring services. In the event of a breach or incident, you want to be notified as soon as possible so that damage can be minimized.

Enterprise Security Priorities

Before looking at tools and solutions for boosting cybersecurity, South African organisations must first look inward. A high percentage of hacking incidents occur because of social engineering, where a criminal manages to infiltrate a system by tricking an internal user into divulging credentials or information. So the top priority should be on educating and training employees on what types of threats to expect.

Then you need to consider the reach and scope of your network. Most likely you have employees who travel or need the ability to work remotely. This can be dangerous from a security point of view, especially if public wi-fi networks are used. Hackers can compromise them and intercept data being transmitted.

That’s why it is so important for companies to mandate the use of a virtual private network (VPN) clients. A VPN is simply a software application that creates an encrypted tunnel between a device and the open Internet so that even if hackers are eavesdropping, they will not be able to decode any of the information being sent.

Having a mature backup policy is also critical to the health of technology systems. In a worst-case scenario, hackers might gain control over one or more servers and lock internal users out of them using an attack like ransomware. Rather than negotiating with the criminals, it is smart to simply take the affected devices offline and revert to a stable backup copy.

The Way Forward

For South African’s, the rise in data breaches and cyberattacks is worrisome. Even if companies vow to harden their cybersecurity strategies, there is no guarantee that user data will be kept safe. That’s why government regulation will play a key role in moving forward.

South Africa should look at how to implement the POPI act similarly to the General Data Protection Regulation (GDPR) recently instituted by the European Union.

The Internet can be a dangerous place. The only way to change the trend of hacking is to build better defence systems while also informing individuals about the risks they will face when working, shopping, or browsing online. Cybersecurity strategies will never be foolproof and new types of attacks are always on the rise, but certain steps can be taken to ensure that people’s data is safe.

By Sam Bocetta

Comments

comments


Comments are closed.

« »