Security

A North Korean Cyber Espionage Group Was Active in SA – New Report

Image sourced from Feed Navigator. Kaspersky researchers have disclosed details of its latest threat intelligence reports on South Africa, including the cybersecurity firm’s analysis of APT groups in the country – major threat actors hunting for sensitive information and finances. The company’s telemetry has demonstrated that throughout 2021 entities in South Africa faced attacks from North Korean group Lazarus and Chinese speaking group CloudComputating. Advanced persistent threats (APTs) are typically, according to Kaspersky, a nation-state or state-sponsored group of extremely stealthy high-level threat actors. In the vast majority of cases, they attack strategically important organisations with a goal of cyberespionage and, in rarer cases, financial gain, since the cost of their cybera...

Beware: Microsoft is One of the Most Impersonated Brands in Phishing Attacks

Image sourced from NS Energy. Check Point Research for the second quarter of 2021 found that Microsoft was the most popular brand used to lure unsuspecting individuals and employees. This isn’t hard to believe because Microsoft’s Active Directory, continues to dominate the market share globally in 2021 and as a result is still the most popular target for phishing. The weight of this risk is emphasised by the fact that in 2021, phishing attacks increased by 47% in just the first quarter alone. The threats are smart, capable, and worrying – increasing in volume every year. Companies are facing an onslaught of risk that’s designed to fool employees into making mistakes that can cost the company money and reputation. “The risk is when employee credentials are stolen, this can lead to detriment...

Targeted Malware is Raging Across South Africa, Kenya & Nigeria

According to the latest research of internet security firm Kaspersky on threat landscape trends, South Africa, Kenya and Nigeria are facing dramatic changes in the landscape. While regular, self-propagating malware is decreasing dramatically, as it is no longer effective and cannot fly under security radars, the region will see the growth of new cybercrime models in the upcoming year. While comparing the overall number of mass cyberattacks in 2021, security researchers at Kaspersky noticed a 7,5% decrease in Nigeria, a 12% decrease in South Africa and an unprecedented 28,6% decrease in Kenya. The reason for such a change was the introduction and popularisation of new cybercrime models in the region, with cybercrime tools becoming more targeted along with a long-running trend where malware ...

Why PoPIA Compliance Remains a Challenge for Many SA Businesses

South Africa’s Protection of Personal Information Act (POPIA) officially came into effect in July and many businesses are still facing compliance challenges in how personal information is stored and processed. According to Sameer Kumandan, MD of SearchWorks, South Africa’s largest innovative data aggregation platform, businesses should have already analysed their internal policies, processes, and procedures, and aligned them to the most applicable data privacy standards in the POPI Act. “It’s also crucial that organisations understand the role their business has as either a responsible party or a processor as well as ongoing training to ensure all areas of the business are POPI compliant.” The POPI Act’s purpose ensures that the right to privacy is taken seriously and includes a data subje...

Deal or No Deal? 7 Quick Tips to Safely Shop Online This Black Friday 2021

Image sourced from The South African. “Gucci bags 80% off!” screams the email that lands in your inbox on Black Friday. It seems like an impossibly large discount, but you open the email anyway – just to check if it seems legitimate. And it does – it’s professionally compiled, there are no spelling errors, and the logos and merchandise all look like the real deal. So, you click on the link provided. And you shop. Only to see a string of fraudulent charges on your next bank statement. Black Friday is a lucrative day not only for retailers, but also for cyber criminals. In 2019, the use of retail phishing URLs jumped by 275% the week before Black Friday. Here are 7 questions to ask yourself before going on an online spending spree this Black Friday? Is my security up to date? Though many peo...

Areas of Focus for Healthcare Organisations When Securing Digital Transformation

The healthcare industry has been forever changed by digital transformation. Innovation in the medical space has led to advances in new treatments as well as cost savings that do not negatively impact the quality of care. The added benefit: faster, better networks have allowed for the growth of telemedicine, bringing quality care to thousands who did not have access before. An unfortunate side effect has been that cybercriminals are targeting the healthcare sector now more than ever. As a result, cybersecurity is critical to the success of health systems, which are increasingly at risk as cyber criminals look to steal patient data or hold internal resources for ransom. The vulnerabilities that enable these attacks exist in any vertical, but in the case of healthcare, they can be life-threat...

Beware These Fake Digital Vaccine Passports Being Sold Online in SA

Image sourced from Media24. Nearly two years into the battle against COVID-19 over 3 billion people around the globe and over 15 million in South Africa are now fully vaccinated. “As governments continue their efforts to stop the spread of COVID-19 and encourage vaccination, the scene has been set for phishing scams targeting those who are unwilling to get vaccinated, but who still want the benefits available to those who have been vaccinated”, says Doros Hadjizenonos, Regional Sales Manager at Fortinet. Vaccination cards and passes are increasingly being required to give people access to travel, events and even to their workplaces globally. South Africa, in the early stages of rolling out a vaccine passport, is considering making the digital certificate mandatory for access to venues and ...

6 Ways CFOs Can Stay Ahead of Hackers

Global losses from payment fraud have tripled from $9.84 billion in 2011 to $32.39 billion in 2020, according to Deutsche Bank’s 2021 report on the future of payments. And financial professionals are saying COVID-19 hasn’t helped matters, with 65% believing that the global pandemic is to blame for some of the accelerated rate in fraud activity, revealed by a 2021 survey by the Association for Financial Professionals (AFP). While these cybercriminals can target many areas of an organisation, the dangers are ultimately measured in financial terms. This means that Chief Financial Officers (CFOs) can no longer ignore cyber security simply because it is a complex issue outside their area of expertise. As custodians of the company’s monetary assets and financial data, CFOs are responsible for sa...

Kenya Has Had to Deal with Nearly 33-Million Cyber Attacks in the First Half of 2021

The increase in cyberthreats recorded by internet security group Kaspersky in the first half of this year in Kenya amounted to 32.8 million. Compared to similarly prominently targeted countries in the African region the recorded number was on par with South Africa accounting for 31.5 million, and near double the number recorded in Nigeria at 16.7 million. Overall, a combined 81 million attacks were recorded in these three countries, which is indicative of how significant the danger has become to organisations and users in the connected world. “Threats can be categorised as criminal (80% of attacks), targeted (19.9%), and advanced (0.01%). The advanced grouping is significantly more sophisticated and feature increased investment from attack groups. Unfortunately, both criminal and targeted ...

Forbes Cloud 100 Leader Rubrik Protects Your Data from Ransomware Attacks with Zero Trust Approach

Sourced from Kaspersky With data being increasingly valuable to a company’s organisations, ransomware attacks are surging around the world, including in South Africa. It is becoming incredibly lucrative for attackers to target businesses for their data, and at the same time, the ransomware being used is becoming more sophisticated. This means that more enterprises will feel the need to pay the ransom in the case of a breach. So says Risna Steenkamp, General Manager: ESM Division at Networks Unlimited, which distributes Rubrik solutions throughout Africa. “It is unfortunate,” she explains, “that in the event of a breach, paying the ransom is no guarantee that the threat actors will actually honour the agreement and release the data. This potentially leaves a breached organisation in the une...

31.5 Million Cyberthreats Targeted SA Users in the First Half of 2021

Image sourced from Feed Navigator. The increase in cyberthreats recorded by global internet security firm Kaspersky in the first half of this year across South Africa amounted to 31.5 million. “Threats can be categorised as criminal (80% of attacks), targeted (19.9%), and advanced (0.01%). The advanced grouping is significantly more sophisticated and feature increased investment from attack groups. Unfortunately, both criminal and targeted threat vectors learn from the advanced category to enhance their own attack techniques,” says Amin Hasbini, Head of Research Centre, Global Research & Analysis Team, Middle East, Turkey and Africa at Kaspersky. Attacks Are Becoming More Sophisticated Hasbini says that the current trends show that attackers around the world are embracing more sophisti...

The Most Vulnerable IoT Devices: Think Before You Buy This Black Friday

With the shopping season approaching, it’s likely that internet-connected gadgets and toys will be a popular item on many users’ wish lists, as more than 88% of people use IoT (Internet of Things) devices in their households. However, cybersecurity experts warn: Internet of Things devices can quickly go from fun to creepy, depending on how hackable they are. “Enormous Black Friday discounts can rush customers into buying some very questionable gadgets. However, Internet of Things devices is widely known among experts for low-security measures they usually have installed. There is a joke going around: ‘The S in IoT stands for security’. So, it’s best to think before bringing any new IoT device to your household, as it can easily compromise the whole network,” says digital security expert at...