Cybersecurity news
Remote Working Leads to 78% Increase in Cyberattacks Worldwide
Even though social media platforms are flooded with news of companies proudly presenting the fact that they are permanently shifting to a remote-work environment, they usually do not mention the fact that the pivot has created major issues for their security. Unpatched personal devices, erratic employee behaviour, and inadequately protected home networks create many loopholes for threat actors to exploit. What the Stats Say Carbon Black, a company that provides workload protection services surveyed 3,542 CIOs, CTOs, and CISOs to find out if WFH (work from home) resulted in an increase in cyberattacks. Respondents were from various industries and 14 different countries. The survey was published in June 2021. The study shows that a whopping 96% of enterprises in France saw a significant incr...
IT Teams Facing Cyber Threats in 2020 – 5 Vital Insights
Image sourced from CIO. “Around the world, 2020 was an unprecedented year for IT teams,” said Chester Wisniewski, principal research scientist, Sophos. IT professionals played a vital role in helping organizations to keep going despite the restrictions and limitations necessitated by COVID-19. Among other things, they enabled education institutions to move learning online, retailers to switch to online transactions, healthcare organizations to deliver digital services and care under incredibly tough circumstances, and ensured public entities could continue to provide essential services. Much of this will have been done at high speed, with limited equipment and resources available and while facing a rising tide of cyberattacks against the network, endpoints and employees. To say things were...
Cybersecurity Is More than A Tech Problem – It’s a Business Problem Too
Image sourced from Finance Times. A concerning number of South African companies are not prepared for the inevitability of a cyberattack despite the significant financial and reputational risks, according to Ryan Mer, MD, eftsure Africa, a Know Your Payee (KYP) platform provider. “Too few senior managers view cybersecurity as a business problem and not just a technology problem,” he says. “The reality is cybersecurity is very much a business consideration. CEOs and CFOs will eventually face critical questions such as: How much money do we spend on cybersecurity? Do we change key processes? How do we create awareness and change company culture? Do we put security ahead of operational functionality? What is the role of internal processes and staff on data security and integrity?.” Mer adds t...
6 Urgent Steps Companies Need to Take to Ensure POPIA Compliance
Sourced from Europa EU. The eleventh hour is upon businesses who are not POPIA (Protection of Personal Information Act) compliant. The effective date of 1 July is upon us. Your business should have already started its compliance journey, as it will at least help lessen the risk of cybersecurity breaches. Securing your data will help your business be in good standing with local and international partners. This will also enhance the reputation of your business and exempt you from fines and non-compliance. Here are six steps your business can take before 01 July to be POPIA compliant: 1. Encrypt Everything One of the major requirements under POPIA is to ensure that you apply Generally Accepted Information Security Protocols. While these requirements are not the same for all organisations, som...
Kaspersky Discovers Various Malicious Apps Disguising as Bestselling Game Minecraft
Sourced from Stuff. Recognised as the world’s top-selling game of all time, Minecraft attracts the attention of enthusiastic players around the world but also draws the interest of fraudsters. Earlier, Kaspersky researchers discovered more than 20 applications advertised on app stores offering additional Minecraft features. Though these malicious apps were deleted from official stores, Kaspersky experts have found newly developed ones, which exploit the game to further fraudster’s objectives. Malware on Google Play Store Kaspersky researchers analysed various apps, including those which are available for download on the Google Play store and claimed to be modpacks (user-created packages with additional gameplay elements) for the game. As a result, the company’s experts found various malici...
5 Crucial Things You Need to Do When You Receive A Phishing Email
Image sourced from Kaspersky. You may not even notice when you receive one, most suspicious emails are automatically sorted to spam by your email service – though, a few may slip through the cracks, and one or two may even be authentic enough for you to click through their contents. The most important thing to remember about phishing emails is that unless you open any attachments or click on any links, you will not be affected by malware. Phishing emails are based on social engineering and work off bait, hence the name, and unless the bait is taken you can’t be affected by the cybercriminals holding the rod, fingers twitching at the reel. If you’re not familiar with these kinds of emails or begin to feel nervous or panicked when you receive one – this list is for you. Here are 6 crucial th...
Confidential Computing – Why Privacy Should be the Heart of Digital Experiences
Image sourced from Intel. In this past year, the consumer experience came to the forefront. As we faced various stages of lockdowns, we turned to online banking, seeing our doctors remotely, running our businesses using technology and socialising through a screen. Digital interactions became a part of our lives – ever-present and normalised as we navigated changes swept in by this pandemic. As our digital interaction became seamless and permeated through every aspect of our lives, privacy continued to be top of mind. We carried out our lives predominantly online – making many of us more vulnerable to fraudsters. As we navigated living our lives digitally, data theft dominated 2020 as the most common attack in the Middle East and Africa. Across the region, data theft and leaks accounted for...
4 Security Loopholes Have Been Found in Microsoft Office Apps Including Excel, Word
Sourced from Wikimedia Check Point Research (CPR) urges Windows users to update their software, after discovering four security vulnerabilities that affect products in the Microsoft Office suite, including Excel and Office online. The loopholes were found in sections of legacy code, the vulnerabilities could have granted an attacker the ability to execute code on targets via malicious Office documents, such as Word, Excel and Outlook. Malicious code could have been delivered via Word documents (.DOCX) , Outlook Email (.EML) and most office file formats. Vulnerabilities are the result of parsing mistakes made in legacy code, leading CPR to believe security flaws have existed for years CPR responsibly disclosed to Microsoft, who then issued fixes: CVE-2021-31174, CVE-2021-31178, CVE-2021-311...
What is POPIA and What Does it Mean for Cybersecurity
With an inundation of information from all angles regarding The Protection of Personal Information Act (POPIA), and the 1 July commencement date quickly approaching, organisations could be forgiven for feeling more than a little overwhelmed. Emmanuel Tzingakis, Technical Lead for Trend Micro Sub-Saharan Africa, contemplates how POPIA can assist organisations to secure their data and be better enabled to handle any potential cyber threats. What is POPIA? With personal information becoming a hot commodity on the dark web it is critical to understand exactly how to protect data from cybercriminals. A recent global survey revealed that 79% of organisations experienced disruptions, financial loss or other setbacks due to a lack of cyber preparedness in 2020. As work from home strateg...
Cybersecurity and Data Protection Laws Urgently Needed Across Africa
The pandemic has driven home the high value of personal data to the global economy, while also highlighting its vulnerability to abuse and attack. In response, governments around the world have been reviewing their data privacy and protection laws and regulations, including in South Africa and Ghana. Global cybersecurity firm Kaspersky recently noted that cyberattacks are set to rise in African countries, especially in the key financial centres of South Africa, Kenya and Nigeria. The cybersecurity firm noted that rapidly evolving digital techniques had led to an increased risk of Advanced Persistent Threats and hacking-for-hire events in Africa. South Africa In South Africa, the Cybercrimes and Cybersecurity Act was signed into law by South African President Cyril Ramaphosa in early June 2...
Why Immutable Architecture is Key to Protecting Backup Data
Ransomware and other malware are a constant threat, and data backup is critical to safeguard a business’ most important asset. However, cybercriminals are increasingly targeting and encrypting backup data copies as well, a strategy that leaves organisations unable to recover unless they pay the ransom. Keeping an immutable copy of backup data is a best practice for data protection and is the solution in the event of a successful two-pronged ransomware attack. What is an immutable architecture? For data to be immutable means that it is unable to be changed over a period of time. With an immutable architecture, when retention policies are set for data backup and recovery, data will be secured, locked and unchangeable for that retention period. This in turn means that it cannot be encrypted b...
3 Cybersecurity Challenges Triggered by COVID-19 Lockdown
The global COVID-19 pandemic disrupted the everyday operations of businesses and as a result, the cyber risk still remains a grave concern as many business practices have been compromised. The ZA Central Registry organisation, which is the administrator of South Africa’s .za domain name, recently warned that South Africa is a global target for international fraudsters and cybersecurity measures are more important now than ever before. “It is essential for businesses to be aware of the nature of these cybercrimes and technology countermeasures to protect their businesses, especially when considering the cybersecurity challenges that have occurred during lockdown”, says Riaan de Villiers, Cybersecurity Expert and Business Analyst at LAWtrust. Here’s a Quick Look at the Top 3 Cybersecurity Ch...
