Cyber criminals continue to target South African businesses, with increasing cases in the healthcare and financial services industries a cause for concern.
Cyber crime is on the rise, and South Africa is firmly in the cross-hairs. According to Blue Turtle, the COVID-19 pandemic has also opened up a wormhole for an increase in cloud-based security threats, such as the likes of the Meow attack from last week, which targeted deleting Internet-facing databases.
“As a country, we have a real problem with cyber security, which speaks to the ease at which cyber criminals believe they can infiltrate our security defences. With the increase in the use of cloud services and remote working, the cloud is now more than ever under attack. It doesn’t paint a positive picture for even the best laid security practices,” states Hendrik Fourie, cyber security product manager, Blue Turtle. “Not only are we in the top five for COVID infections, but we have also been ranked in the top five in the world in terms of cyber attacks according to the Ponemon Institute.
“Cyber crime is itself a pandemic, the tactics are ruthless, and criminals are exploiting the global health crisis as they are attacking all industries with healthcare and financial services top of the list. If you factor in that our healthcare systems are under immense pressure, regardless of the cyber attacks, you can see that these criminals have no conscience and will stop at nothing,” adds Fourie.
If only cyber crime could be mitigated by sanitising, wearing a mask and social distancing, Fourie says we might not be in the crisis we find ourselves in. While, as individuals, South Africans are taking a risk-based approach to deal with COVID-19, the same can not be said for how we treat our information and data security or how we secure and ensure security of our cloud environments.
“The healthcare industry is by far the hardest hit, with the highest average cost of a data breach noting a per record cost twice as high as that of the financial services sector. C-level executives are being targeted as working from home puts them behind the firewall of an ISP, often with default security settings. And the same can be said for cloud services, which are now falling prey to attacks which are deleting databases, tools that are stealing credentials, and phishing scams delivering ransomware. Not only is more vigilance required, but so is faster detection, response and remediation through the use of pervasive technology that gives comprehensive security, extending across the growing multi-cloud environments to the network of remote workers,” adds Fourie.
There are some lessons to be learnt from the range of current attacks and where businesses can better protect themselves if they consider:
- Specific infrastructure, critical assets are targeted in these attacks, using ‘niche’ tools and specialist techniques.
- Cloud estates and cloud migrations are a focus for the adversaries.
- Third-party connections, such as supplier or contractor systems are often used to gain undetected access to target a company’s systems.
- Smaller organisations are targeted more often, using repeatable high-volume techniques.
- Ransomware attacks are constantly evolving and growing in frequency.
- Last year, only 28% of attacks involved malware, leaving traditional security controls blind to a large percentage of the exploits.
“With this in mind, understanding how to build and maintain a secure and compliant cloud landing zone is of utmost importance. It is a literal minefield out there, and now more than ever South African businesses need to partner with an organisation that understands the additional risk cloud computing brings to the proverbial table, an organisation which, backed by a wealth of knowledge and expertise, understands how to protect your intellectual property. Developing a security framework requires both a qualitative and quantitative approach to risk,” ends Fourie.