Cape Town - Businesses are warned to take heed as cybercrime is on the increase in South Africa with losses totalling an estimated R5.8 billion last year.
Candice Sutherland, business development consultant at Stalker Hutchison Admiral, a liability underwriting management agency, a Santam-owned subsidiary, said according to statistics, it took, on average, 200 days for an organisation to identify a breach.
Sutherland said there were no exact cybercrime figures available as the reputational damage companies faced led to them keeping breaches quiet and that it could take years for a firm to detect a system breach.
“We must remember that these are highly skilled, highly trained cyber criminals and syndicates whose main aim is long-term attacks and staying hidden on networks for extended periods of time. They often bypass the system completely unnoticed for months and even years – unfortunately there is no big siren and red flag waving hack attack.”
Sutherland said several websites were brought down last year by a Distributed Denial of Service (DDoS) attack, allegedly implemented by hacktivist group Anonymous Africa. She said in light of this, businesses and individuals must take heed and protect themselves from the possible consequences of a breach.
She said Anonymous Africa was reportedly also behind the cyberattacks on the ANC’s website and Zimbabwe’s state-run newspaper, The Herald, in 2013.
Sutherland said targets by the hacktivist group included government agencies of the US, Israel, Tunisia and Uganda as well as child pornography sites, copyright protection agencies and corporations such as PayPal, MasterCard, Visa, Sony and Independent Newspapers’ Independent Online (IOL).
IOL editor Alastair Otter confirmed this, saying the site was previously the subject of a DDoS attack by a group claiming to be linked to Anonymous, more than a year ago, which resulted in some down time for the site and a range of related services.
“A DDoS attack floods a server with information requests and eventually causes it to overload and effectively shut down. The attack does not, however, give the attackers access to the data or the systems on the servers they are attacking.”
Chris Welham, marketing director of IT (information technology) firm Space Age Technology said: “I have chatted to our operations manager, whose team is responsible for monitoring our clients’ service and networks. He agrees that there has been an increase in both automated attacks as well as more and more major vulnerabilities in software are being exploited.”
Arthur Goldstuck, managing director and founder of World Wide Worx and editor-in-chief of Gadget.co.za said there was no real quantification on how many companies were victims of cybercrime, but agreed there was an increase although South Africa was not the worst country in the world.
“Very often we see companies being hacked because they have not taken enough precautions, but there are some things you cannot protect against as a regular company, such as DDoS.”
Goldstuck said this meant a site had been bombarded with requests which caused it to crash, and that companies which had their systems compromised showed that there were flaws in their security set up.
Mike Silber, spokesman for the Internet Service Providers’ Association, said the association had seen a spike in complaints from businesses and individuals.
“As use of the internet becomes more pervasive, so has the incidents of exploits with some sort of political motivation have increased. Likewise criminality for financial gain has also increased.”
He said South Africa was better protected when the country had restricted international bandwidth and low speeds, but as the market had evolved with higher speeds, multiple international links and more people spending more time online, so had the opportunity and incidents for exploits.
Hawks spokesman Brigadier Hangwani Mulaudzi said cybercrime was a global problem and South Africa was not immune.
“We have several stakeholders who we are on a daily basis collaborating with nationally and internationally which confirms the severity this crime is holistically. Much has been done, suspects arrested and as police we will continue to fight this scourge.”
Cape Argus