Johannesburg - Cyber criminals are working overtime developing new tactics to avoid detection, IT security experts have warned.
Since the advent of the Covid-19 pandemic, cyber crime has been on a considered rise all over the world and locally in South Africa, too.
Several systems of government departments or entities have been hacked, while big private corporations like TransUnion, Experian and DisChem, among others, have been subject to cyber crimes by hackers who demanded a ransom.
In the case of the attacks on TransUnion and Experian, the personal information of over 54 million credit active people in the country was breached as hackers demanded a ransom of over $15m in the TransUnion incident.
In Experian’s case, over 700 000 business entities and 24 million personal records were exposed.
In a recent threat report by Nexusguard, researchers said small bit-and-piece distributed denial of service (DDOS) attacks had skyrocketed by 233% last year.
The researchers said this was due to hackers experimenting with new attacks which were devised to avoid signature-based detection from IT security experts.
Cyber experts in South Africa are now sounding the warning about the consequences of attacks on companies, that they can be far-reaching and devastating.
They are urging companies to be vigilant.
Amritesh Anand of In2IT Technologie said cyber attackers were continuing to diversify their approaches with bit-and-piece attacks to bring down target networks and infrastructures.
He said SA’s technology landscape had become breeding ground for black hat hackers who were using the country as a testing ground for attacks before launching them on their target end-users.
“Cybercrime has recently become increasingly popular in South Africa, particularly during the Covid-19 pandemic. According to the worldwide cyber security firm Kaspersky, when many individuals were forced to work from home due to the national lockdown, hackers’ focus moved from email attacks to internet attacks,” Anand said.
The Trend Micro’s biannual cyber security research has warned that South Africa is a haven for cyber criminals, ranking among the top 30 most targeted nations for malware attacks and the top 20 for Covid-19-related email threats.
“South Africa’s technology landscape is nearly equivalent to that of other countries, allowing black hat hackers to utilise it as a testing ground for cybersecurity attacks before launching them on their target end-users.
“This has always been a tricky topic, it is like paying to release your hostage from the terrorist, should you do that? Can you compromise the life of hostages?
“If a company has a proper process, procedures and guidelines and follows cyber security standards, it should become quite easy for them to not pay if something happens,” said Anand.
In the case of a potential ransom attack, police discourage against companies paying the ransom as it encourages the continued criminal activity.
“It is recommended to contact a professional incident response team, law enforcement agency, and regulatory agency before talking to an attacker.
“So basically the choice here is - what do you want to do first, prepare a cyber security strategy or pay for ransomware?”
“For example, if a server is encrypted, and they have proper back-up on a different platform, then they can always rebuild the systems and not pay ransom.
“For hackers, ransomware is a viable and profitable business model that puts all companies using technology at risk.
“Ransom payments are often easier and cheaper than restoring from a back-up. On the other hand, supporting an attacker’s business model only leads to an increase in ransomware,” Anand cautioned.