Know your enemy, advises a cybersecurity expert at global email management company Mimecast, following the release of its third annual report, which shows cybercrime is rocketing.
Mimecast’s Brian Pinnock said impersonation attacks (whereby emails impersonate a trusted individual or company in an attempt to gain access to corporate finances or data) increased by 62% compared with last year. Of the 69% of the organisations that were affected by cybercrime, 27% said they lost customers and 20% suffered financial and data loss. In South Africa, 88% of organisations said they experienced phishing in the previous 12 months, and 53% saw an increase over the same period.
“Cybercriminals have well-structured syndicates that have an aura of authenticity. They are unlikely to be teenagers working from home. They rely on email or WhatsApp - where you don’t question the validity of communication from contacts you know. They abuse the systems we trust and use for work or personal life,” Pinnock said.
“As the world becomes more digitised, risks of exposure to cybercrime also increase. Companies have taken steps to protect themselves against an increasingly sophisticated global industry. However, South Africa is behind more developed nations. Although other countries have acknowledged the risks and built higher walls and electric fences, we’re still using picket fences because we ignore or are unaware of the changing risk patterns. While the regulatory frameworks abroad make it easier to prosecute cybercriminals, our Cybercrimes Bill is yet to become law. This is partly why it’s difficult to police and prosecute cybercriminals,” Pinnock said.
Although technologies such as artificial intelligence are recognised as powerful tools in the fight against cybercrime, the thieves have the same technology.
“Business email is one of the most common platforms for cybercrime - nine out of 10 attacks start with email. The criminals use it to conduct the scam by pretending to be someone else, usually a bank, to get personal information that can be used to steal money.
“Mimecast’s 2019 report shows that 88% of South African organisations had experienced a phishing attack in the past 12 months. Impersonation attacks are on the rise: eight out of every 10 South African organisations experienced an impersonation attack, with 63% reporting an increase in such attacks.
“While there is a perception that ransomware is declining elsewhere, research shows huge increases: 42% of South African organisations experienced a ransomware attack in the past 12 months, compared to 23% in the prior 12 months,” said Pinnock.
Mimecast helps organisations to “implement a cyber-resilience strategy”. It collaborates with global research company Vanson Bourne to produce the State of Email Security report, which provides insights to help businesses improve their security.
In 2017, shipping giant Maersk, which transports 15% of global trade by containers, was brought to a standstill after an employee in Ukraine responded to a malicious email containing malware.
“The attack succeeded despite Maersk’s extensive measures to protect against cyber threats. It cost the company more than $300 million in lost revenue, IT restoration and other costs,” Pinnock said.
“There are many cases involving fraud using business email compromise. It happens wherever a high-value transaction takes place. We see it with car dealerships and conveyancing attorneys, where criminals impersonate one of the parties and try to change bank account details. Perpetrators are seldom caught,” Pinnock said.
“Cybercrime is also [difficult] to track and report. Most consumers and businesses don’t know how to lay a charge against cybercriminals. With a stronger regulatory framework, some issues can be addressed. But it’s important that everyone does their part in avoiding behaviour that could put them at risk. Smaller companies are easier targets because their security is generally weaker: there’s a lack of skills, money and resources to protect themselves adequately.
“Individuals in smaller companies are soft targets. But smaller companies are also less attractive targets than bigger companies.”
Although Mimecast can’t send data to law enforcement without a warrant, it shares information with other vendors globally about senders with a bad reputation to help them ward off potential risks.
“A few organisations understand how the threat landscape has evolved. But many don’t and they are still using yesterday’s techniques to protect against today’s risks,” said Pinnock.