Johannesburg: With more than 54 million South Africans’ personal information in the hands of hackers, following a massive cyberattack at the TransUnion credit bureau, experts in the IT security field are calling for a strategic national response to fight back..
The latest attack on TransUnion, in which hackers who have identified themselves as N4aughtysecTU, are demanding a staggering $15m (about R225m) in ransom payments from the firm.
TransUnion said: “We have received an extortion demand and it will not be paid”.
It said the hackers gained access through a server by misuse of an authorised client’s credentials.
It is not the first time hackers have been able to breach a major institution in the country.
Hackers intercepted the City of Johannesburg and demanded more than R500 000. The state port operator, Transnet, also came under attack,leading to ports being shut for several days. At the peak of the pandemic, the Life Healthcare group was forced to temporarily shut down it's system after an attack.
Last year, a report by Interpol warned that South Africa was under cyberattack.
The five common threats were identified as online scams, digital extortion, business email compromise, ransomware and botnets, according to a BusinessTech report last October.
These could include scamming techniques such as acting under false pretences, soliciting sexual images and using them as blackmail, hacking into emails and gaining data which could be used to trick companies into making payments into fraudulent accounts, the report said.
Tshepo Mokoena, the chairperson of the IT firm IN2IT, says it is time for a nationwide consolidated response to combat the threats to the country.
“Banking, government services such as electricity or water supply, and telecoms are more vulnerable to the latest wave of cyberattacks.
“Usually in such cyberattacks many SMMEs are impacted as a collateral damage so, irrespective of the size of the organization, in today’s digital age everyone needs to do long-term sustainable cybersecurity safeguarding,” said Mokoena.
“The current level of readiness to thwart cyberattacks is limited to individual organisations, whereas what is needed is a consolidated country level readiness to tackle cyberattacks.”
As a specialist in artificial intelligence, cloud and cybersecurity, Mokoena likened the threat of cybercrimes to the Russia-Ukraine conflict.
“In cybersecurity, physical distance is not relevant as globally anyone is just one click away. The 2017 Russian cyberattack on Ukraine’s banking and financial services later spilt over to UK, USA, France, Germany, and many other countries.
“Data-wiping software was used in Ukraine and those can spill over to the world. In recent times, the EU, Nato and many others have been part of global cybersecurity support to Ukraine.
“So, any retaliation will have an impact beyond just one or two countries.”
Mokoena said the country should expect more attacks as multiple cyber threats would be targeted at remote and hybrid workers.
But, as a means to mitigate risk, for now, he said: “Safeguard networks and end points. Use multifactor authentication wherever possible, software patches (that are) up to date and network segmentation.”