South Africa hit by more cyber-attacks than any other country in Africa
12 April 2017: The current levels of threat posed by cyber-attacks on corporates and individuals have reached a critical point. It is no longer a question of if it is going to happen, but rather when. It is time to sit up and take notice!
No industries escape the threat of cyber-attacks, with Financial and Health Care industries featuring prominently. Most cyber-attacks originate from the United States, Russia, and China. Unfortunately, most technologies like Anti- virus, firewalls, IDS, IPS can be easily bypassed by the attackers. The emphasis therefore is on keeping abreast of this global threat and taking sensible precautions to ensure maximum readiness to deal with any attack.
While cyber – attacks vary in their level of sophistication and objectives, depending on the entity behind the attack, they don’t need to have extensive skills to be devastating; many Chinese hacker websites offer evasion tools for download, including links to Reduh, WebShell, ASPXSpy, and many others, plus exploits and zero-day malware.
A look at some of the cyber-attack figures is alarming. In 2015, more than 500 million personal records were stolen or lost globally because of cyber-crime. Phishing attacks also dramatically increased by a whopping 55%. South Africa is not immune to these attacks. In 2014, South Africa had the highest number of cyber-attacks on the African continent, with losses at that time estimated at R50 billion. A disturbing 23% of recipients now open phishing messages, with 11% opening the attachments. Just one click from an employee and the attacker has a footprint into the targeted organization.
On top of the list of cyber–attacks are Spear Phishing and Ransomware. A successful ransomware attack is devastating; It disables an organizations ability to use its computers systems and all files become encrypted and inaccessible, it then becomes easy to extort the organization for money in order to return their business to normal
Detection is a problem
Attackers always seem to be one step ahead of the defenders. They are more persistent and are not bound by the company’s red tape, budget and headcount.
It takes an average of 280 days to detect the attack, with delayed response times of weeks and months, negatively impacting the business. The laws necessary to prosecute cyber criminals are also inadequate at best, making prevention better than cure. How do we do that?
Jim Green, Chief Technology Officer, Secnovate says that companies should focus attention on improving employee awareness of cyber-attacks. The most vulnerable part of a company’s defence against cyber-attacks is poor awareness of the risks posed by phishing e-mails by employees.
So the message is clear, cyber-attacks will continue to increase and become more devious and devastating with time. A company can’t assume that the chance of a cyber- attack on it is a million to one. It has to be pro-active, understand what hackers look for and establish if they already have a footprint into the organization. There is also a requirement to provide employees with the relevant anti cyber-attack training, undertake regular ‘health checks’ on IT systems and deploy turn-key and tailor made cyber security solutions. It may be saving more than just being attacked, it may save the business.
Secnovate is a Cyber Security Services and Solutions provider, offering a full range of both Turn-key and Tailor-made solutions. Please visit our website at www.gnlcyber.com for more information.
The Company has access to an extensive network of both global and local knowledge and capabilities able to assess and mitigate the ever-growing and ever-present cyber threat, and deliver unique value to our customers across all industries and business sectors.
The Company offers field proven concepts and solutions, developed by leading experts, to address real-world threats, today and in the future.
We know and understand cyber threats and associated challenges and have successfully delivered projects to secure large installations, maintaining their safety and operations throughout.
Our portfolio of solutions includes:
- System health assessments:
Providing a variety of options to assess system vulnerabilities both from the outside world and from within the organizations, and advise management on the nature and extent of system vulnerabilities and mitigation approaches available.
- Security solutions and interventions:
Independent, non-product aligned advice on best-in-class security solutions based on comprehensive vulnerability testing.
- Training and Awareness:
Offering a comprehensive portfolio of awareness and training options – from awareness presentations on cyber security, staff behaviour change management (specifically with respect to phishing threats), skills development for IT practitioners (including simulation of cyber-attacks and mitigation approaches) and crisis management for company executives.
- Security Operations Centre (SOC)
Providing 24/7 client network monitoring, Incident Response and First Responder Support.
Our core competency revolves around sourcing globally available best-in-class cyber solutions and applying these in the South African (and African) market context.
For media queries, please contact:
cell no: 0828977752