LAST WEEK South Africans were once again alerted to the news that two of the countries largest consumer credit reporting agencies, Transunion and Experian, faced yet another cyber security breach with the last one having occurred in 2017.
The hacker group N4ughtySecTU, who claimed responsibility for the previous breach, once again announced that they managed to infiltrate the agencies’ databases and have acquired consumer credit information for millions of South Africans.
The hackers have demanded a ransom of $60 million (roughly R1.1 billion) from the two agencies to stop them from releasing this private data to the rest of the cyber underworld where it can be used for identity theft, financial fraud, increased scam attacks on users and much more. While both Transunion and Experian have maintained that there is no evidence of a breach on either of their systems, just the mere threat of an imposed breach poses significant concern, especially considering the nature of the data involved.
However, as serious as this threat is, it is not an isolated event. Ransomware attacks have been an increasingly growing concern in South Africa with more and more businesses and individuals coming under attack of late.
These attacks usually involve accessing business systems, extracting and encrypting their data and essentially holding the information hostage until a ransom is paid, usually in cryptocurrency such as bitcoin which can be virtually untraceable. Legally, ransomware attacks are considered cyber extortion and fraud, however the South African courts have yet to convict a cybercriminal under the Cybercrimes Act of 2013 for such an attack.
Businesses victimised by ransomware face a delicate balance. They have an obligation to protect their users’ information and data under the Popia act while being simultaneously coerced by attackers threatening to release, publish or erase sensitive data.
If you find yourself in such a predicament, you are required by law to make several notifications including to the owners of the data involved, the information regulator and to the South African Police Services.
It is advisable to never try and deal with a Cybersecurity threat on your own but to make sure you engage with the right professionals such as Forensic Investigators, PR Professionals and Legal Counsel.
So, you are probably asking yourself, “how do I avoid falling victim to such attacks?”
Here are my top 5 tips to ensure you keep yourself and your data safe:
Be sceptical of unsolicited emails: These are often disguised as enticing offers from Takealot or gift vouchers from supermarkets such as Pick n Pay or Spar. South Africans are also experiencing an increase in emails that appear to be official communication banks or the Post Office. These links are a common tactic used by cyber criminals to get unauthorized access to systems.
Use reliable security software: Invest in trusted antivirus and anti-malware solutions. These tools can detect and block ransomware and other threats.
Educate employees and family members: Awareness is key. Ensure that everyone who uses your network understands the risks and knows how to identify potential threats. Also, update your passwords regularly and use 2 Factor Authentication (2FA) where possible
Be wary of public wi-fi: Avoid conducting sensitive transactions or accessing important data when connected to public Wi-Fi networks.
Update software regularly: Ensure that all your software, especially security software, is up to date. Regular updates often include patches for security vulnerabilities.
In this digital-first era, our computers and cellphones are treasure troves of personal information that cyber criminals would love to get their hands on. They provide access to our contacts, banking services, personal documents, and much more, which is all the more reason that we adopt proactive measures to ensure the safety of our digital assets.
Remember, the security of your digital life is in your hands. Stay informed, stay vigilant, and take the necessary steps to protect yourself and your in the ever-evolving digital world.
With more than 20 years of experience as a techpreneur and digital solutions strategist, Joel Moodley harbours a deep passion for all things tech related, including the evolving world of AI.