Cybersecurity Africa
How Loadshedding Can Cause Cyber Security Risks
Image sourced from Forbes. Work-from-anywhere (WFA) model have greatly expanded in South Africa in recent weeks, as loadshedding forces remote workers to seek power from a multitude of sources, in malls and coffee shops, meaning they may be alternating between mobile phones, tablets and laptops across any number of potentially unsecured public Wi-Fi hotspots. This mobility increases the cyber security risks presented by all these devices that are often poorly secured to begin with. Smartphones, in particular, have become a critical part of the remote workforce toolkit. They are such an integral part of each person’s daily routine, people may regard them as trusted and safe. As a channel to your personal data, banking and accounts, and a link to your work and business data, smartphones...
What Happens When Cybercriminals Impersonate CEOs?
Image sourced from Feed Navigator. Traditional payment fraud has been rife for some time, where the cybercriminal impersonates the CEO, or other senior members of staff, to convince the finance department to make an urgent payment to either a new supplier or update their bank details. Now over the past month, there has been an increase in an evolved method of change of bank details or payment fraud cyber-attack. This new trend involves an internal change of bank details, mostly for the CEO. The change of bank details fraud uses fake banking confirmation letters and the trust of finance people to update an existing supplier’s details. The growing number of successful attacks have proven to be very costly to businesses of all sizes. Owing to this, many businesses have now implemented stronge...
Bad Actors Innovate, Extort & Launch 9.7M DDoS Attacks
In March 2022 we released our 2H 2021 Threat Intelligence Report. The report covers worldwide distributed denial-of-service (DDoS) attack activity during 2021—particularly during the second half of the year. As always, it’s chock-full of DDoS attack statistics, trends, and insights from our elite NETSCOUT ATLAS Security Engineering and Research Team (ASERT). Key findings include: DDoS attacks continued to exceed pre-pandemic levels. During the second half of 2021, cybercriminals launched approximately 4.4 million DDoS attacks, bringing the total number of DDoS attacks in 2021 to 9.75 million. These attacks represent a 3 percent decrease from the record number set during the height of the pandemic but continue at a pace that’s 14 percent above pre-pandemic levels. DDoS extortion and ransomw...
Why Ransomware is the Greatest Threat to Your Organisation
Ransomware is getting nastier and more expensive all the time and it has affected almost every industry and geography. No one is immune from the threat. In a global ransomware survey conducted by Fortinet, 67% of organizations report suffering a ransomware attack. Even worse, almost half said they had been targeted more than once, and nearly one in six said they had been attacked three or more times. Renee Tarun, Deputy CISO/ Vice President Information Security, Fortinet Inc. The US Treasury’s Financial Crimes Enforcement Network (FinCEN) reported that organizations paid out almost $600 million in ransomware in the first half of 2021, which puts the US on track to surpass the combined payouts of the previous decade in a single year. Last year’s attacks on the suppl...
Massive Increase in DDoS Attacks Observed – Record Numbers Reached
Image sourced from Shutterstock. Compared to Q3 2021, the total number of Distributed Denial of Service (DDoS) attacks in Q4 shows an increase of 52%. This is 4.5 times more than the same time the previous year. These and other findings were published in the new Kaspersky DDoS attacks in Q4 2021 report. What are DDoS Attacks? Distributed Denial of Service (DDoS) attacks pose a huge threat to businesses and organisations that provide online services. During such an attack, cybercriminals send multiple requests to the attacked web resource with the aim of exceeding the website’s capacity to handle multiple requests and prevent the website from functioning correctly. These attacks may last several days, causing huge disruptions for organisations. From October to the end of December 2021, Kasp...
Mobile Malware Attacks Across Africa are on the Decline – Why It Isn’t a Good Thing
Image sourced from Sectigo. While analysing the threat landscape of African countries, Kaspersky experts saw a steady decline in attacks on mobile devices in the region, as cybercriminals consolidated their efforts to focus on more complicated, dangerous and profitable threats instead. These and other findings are featured in Kaspersky’s Mobile Threats in 2021 report. Overall, in 2021, South African users faced 38% less mobile malware attacks than in 2020, while other countries in the region have seen even more dramatic changes of their mobile threat landscape: Mozambique saw a 48% decrease, followed by Botswana (58%), Nigeria (59%), Ethiopia (69%) and Ghana (76%). The only countries where the share of attacks increased was Angola, where mobile malware actually grew by 12%. “Indeed, there ...
Effective Data Backup Becomes Essential as Kenya is Rocked by Ransomware
In the wake of the COVID-19 pandemic, cybercrime, in particular, ransomware, has seen a massive increase across the globe. As a burgeoning economy in Africa, Kenya has become a growing target, with a new report from internet security group Kaspersky recording 32.8 million attacks in the first half of 2021. According to INTERPOL, increasing digital demand in the country, coupled with “a lack of cybersecurity policies and standards, exposes online services to major risks”. As digital transformation continues to gain traction in Kenya, data becomes increasingly important for business, and it needs to be effectively protected. Effective data backup and recovery are key to overcoming the potential threat of a ransomware attack. Connected, but vulnerable In Kenya, as in much of the world, the pa...
Beware These Fake Digital Vaccine Passports Being Sold Online in SA
Image sourced from Media24. Nearly two years into the battle against COVID-19 over 3 billion people around the globe and over 15 million in South Africa are now fully vaccinated. “As governments continue their efforts to stop the spread of COVID-19 and encourage vaccination, the scene has been set for phishing scams targeting those who are unwilling to get vaccinated, but who still want the benefits available to those who have been vaccinated”, says Doros Hadjizenonos, Regional Sales Manager at Fortinet. Vaccination cards and passes are increasingly being required to give people access to travel, events and even to their workplaces globally. South Africa, in the early stages of rolling out a vaccine passport, is considering making the digital certificate mandatory for access to venues and ...
NETSCOUT: The Long Tail of Adversary Innovation
Image sourced from Shutterstock. NETSCOUT’s ATLAS Security Engineering and Response Team (ASERT) observed a record-setting 5.4 million attacks in the first half of 2021, further confirmation that their “up and to the right” mantra would continue to hold true. As the findings from the 1H 2021 NETSCOUT Threat Intelligence Report show, the ongoing surge in DDoS activity is just one aspect of the dramatic global impact cyberattacks continue to have on private and public entities. “Cybercriminals are making front-page news launching an unprecedented number of DDoS attacks to take advantage of the pandemic’s remote work shift by undermining vital components of the connectivity supply chain,” stated Richard Hummel, threat intelligence lead, NETSCOUT. “Ransomware gangs added triple-extortion ...
Beware: These Are The Top 10 Brands Imitated in Phishing Attacks
Image sourced from Kaspersky. Check Point Research (CPR), the Threat Intelligence arm of Check Point Software Technologies, a leading provider of cyber security solutions globally, has published its new Brand Phishing Report for Q3 2021. The report highlights the brands which were most frequently imitated by criminals in their attempts to steal individuals’ personal information or payment credentials during July, August and September. In Q3, Microsoft continued its reign as the brand most frequently targeted by cybercriminals, albeit at a slightly lower rate. Twenty-nine per cent of all brand phishing attempts were related to the technology giant, down from 45% in Q2 2021, as threat actors continue to target vulnerable, distributed workforces during the COVID-19 pandemic. Amazon has replac...
Most SAns Would Stop Trusting Brands Involved in Phishing Attacks – Survey
Image sourced from Kaspersky. According to the global Brand Trust survey by cybersecurity company Mimecast, almost three-quarters (74%) of South African consumers would stop buying from a brand if they fell victim to a phishing attack involving that brand, with 93% of South African consumers expecting their favourite brands to ensure their services, such as websites, emails and other communication, are safe to use. Heino Gevers, cybersecurity expert at Mimecast, says brands need to do more to protect their customers from cybercriminals. “South Africans are incredibly trusting with 69% of consumers not hesitating to open an email from brands they use regularly, and 56% readily clicking on links from their favourite brands. However, with cyber threats- including impersonation attacks and phi...
UN Calls on Nigeria, Others to Tighten Cybersecurity Regulations
Sourced from UN The International Telecommunications Union (ITU), the global telecommunications arm of the United Nations (UN) has called on the government of Nigeria, and other governments across Africa to strengthen their Internet safety regulations. Because of the COVID-19 pandemic, and general shift online, many African countries are now more exposed to cybersecurity threats than before, necessitating renewed efforts into protecting these spaces. According to the Guardian Nigeria, the UN noted that in Africa, many countries have seen a rise in reports of digital threats and other malicious cyber activities. The results include sabotaged public infrastructure, large-scale monetary theft from digital fraud, and national security breaches. The UN says that addressing these vulnerabilities...
