Sunday, January 19, 2025
No menu items!

Cyberattacks Risks on Third Parties: SA Financial Services

Must Read
Vusi Melane
Vusi Melane
Staff Writer

Over the past few years, there has been an exponential surge in cyberattacks globally. New technologies, a proliferation of threat actors, greater sophistication, and innovative skills invested in the cyber-underworld are all converging with the radical expansion of our digital world. This month, Statista forecasted that global cybercrime costs would rise by 69.94% between 2023 and 2028, reaching a stratospheric high of 13.82 trillion U.S. dollars. In contrast, Gartner has projected that global cybersecurity and risk management spending in 2024 will total $215 billion. While this disparity is significant and troubling, it represents a 14.35% increase over 2023, which is notably higher than the 8% growth projected for all other global IT spending.

Cybercrime is big business


Executive Risk Consultant at ESCROWSURE, Anthony Watson, says, “These forecasts highlight how cybercrime has rapidly become ‘Big Business’ across the world. Today’s threat actors are not just scammers trying their luck but include highly organised cybercrime syndicates, well-funded state-sponsored cybergangs and leading-edge bands of advanced hacktivists.”

“Financial institutions are of course, amongst the top targets for threat actors, and we’ve recently had Manoj Puri, ABSA Chief Information Security Officer reveal in the media that the bank has experienced a 400% increase in cyberattacks over the two years that he has been in the role with millions of attacks taking place every month. It’s not just the intensification in number of cyberattacks that’s a challenge, digitisation has swiftly expanded the attack surfaces of both corporate and government institutions. These digital territories that must be safeguarded now include all the attack surfaces of their third-party suppliers, and in turn, those of their 4th party suppliers. Establishing adequate defences and responding to ever-evolving threats has never been so complex and gruelling, and so critical to business continuity.”

Objectives for threat actors

While the ultimate goal of threat actors is monetary gain, their common strategy involves holding data and software hostage. Ransomware, denial-of-service attacks, and supply chain attacks can all sever a company’s access to essential business software. Malicious actors may specifically target software source code to block legitimate users, disrupt operations, and prevent business continuity.

Governance, Risk and Compliance Officer for the Galix Group, Ryan Boyes, says, “In general, cyberattacks are picking up in all areas however there are increasingly significant risks to organisations surrounding third-party source code.  We are seeing threats to software source code such of Man-in-the-Middle Attacks (MitM), Backdoor attacks, Source Code Leaks and Code Injection to name a few. There have been many incidents and unfortunately, this trend will continue. A pattern is emerging regarding supply chain attacks. Typically, these attacks target the software supply chain directly and compromise the trusted third-party software providers. This is done to distribute malicious code to their customers. Unfortunately, as digital information is so fluid, the ways in which it can move makes it a lot harder to track, monitor and manage. We are also seeing threat attackers using more Sophisticated Attack Techniques such as supply chain attacks, typo squatting and dependency confusion to insert malicious code into widely used libraries and tools.”
Data and software encryption 
Through a variety of tactics, threat actors are constantly attempting to infiltrate the networks of financial organizations and their suppliers. Once they compromise the attack surface, they deploy applications that systematically encrypt both data and software. They then offer decryption keys in exchange for untraceable payments, often in cryptocurrencies. Frequently, the ransom amount is minimal compared to other damages inflicted on the targeted business. It’s not only the frequency of cyberattacks that has escalated but also their severity. Research indicates that institutions are experiencing substantial and increasing financial losses, with recovery periods becoming longer and more arduous.
Watson comments, “In its State of Ransomware in South Africa 2024, cyber security provider Sophos, reports the average cost of recovery incurred by South Africa organisations excluding ransom payments runs to over 1 million USD and 26% of organisations require between one and six months to recover to full operational capacity. This underscores the urgency for South Africa’s financial sector to become meticulous when it comes to cyber hygiene and shows why cyber hygiene across the entirety of an organization’s attack surface has become a crucial factor in the risk assessment and selection of third-party software suppliers. While the concept of cyber hygiene includes a range of practices to maintain the health and robustness of interconnected operating systems, we are seeing software escrow emerging as a key cyber hygiene protocol that helps to address the inherent third-party software vulnerabilities.”
- Advertisement -

Ethio Telecom & AfDB Partnership to Drive Ethiopia’s Digital Economy

In a strategic effort to support Africa's digital transformation, Ethio Telecom has partnered with the African Development Bank (AfDB)...
Latest News
- Advertisement -

More Articles Like This

- Advertisement -