Cybersecurity is everyone’s business
CAPE TOWN – Everyone from the top down including government, banks, service providers and municipalities are responsible for promoting cybersecurity awareness in the country and the reason for South Africa claiming the second spot behind Russia for the top 10 countries targeted for banking android mobile malware.
This is according to Basie von Solms, a research professor at the University of Johannesburg who was one of three guest speakers at the Kaspersky Lab’s annual Cyber Security Weekend 2019 conference which took place at the V&A Waterfront’s Table Bay Hotel this week.
Von Solms, referring to an earlier statistics slide presented by a Kaspersky Lab’s deputy director of the Global Research and Analysis Team, Sergey Novikov, said South Africa was placed second on a list of 10 countries targeted for banking android mobile malware.
The countries listed in appearance of their position include Russia, South Africa, US, Australia, Armenia, Poland, Moldova, Kyrgyzstan, Azerbaijan and Georgia.
Novikov was leading the panel discussion on cyber awareness which included Von Solms, Ramy AlDamati, Kaspersky Lab’s enterprise security expert for UAE, and special guest Baran Erdoğan, CTO of Secure Computing, Turkey.
“South Africa is second from the top in terms of mobile fraud with androids. People are given mobile phones, they are provided with services they can use for a mobile phone, they can log onto their banking systems but they don’t understand the rules of the road that’s why we are so high.
“Whose responsible? I think everyone’s responsible, I think firstly the banks who provide their online banking services to their customers without telling them the rules and helping them to enforce the rules, the government who allows banks and financial institutions to do these types of transactions, the government who allows e-government transactions and do not provide their people with the necessary cyber awareness training, municipalities who provide free wifi to the citizen’s without telling them of the risks, they are the guilty parties,” said Von Solms.
He added that countries need more public and private participation in terms of cyber awareness.
Another guest speaker, cybersecurity ambassador and child hacker Reuben Paul, 13, known as the Cyber Ninja, gave a live demonstration on how easy it is to hack into a drone.
Paul exposed the gaping holes in the security measures of millions of everyday gadgets and technology devices that are part of the Internet of Things (IoT) and demonstrated that he could disconnect a user from his drone and then take complete control of it by exploiting its insecure protocols.
The drone hack performed by the boy was a controlled stunt organised by Kaspersky Lab to highlight the urgent need for stricter measures from companies developing IoT related-devices such as drones, baby monitors, smart appliances, smart home devices and connected toys.
“It took me less than 10 minutes to hack the drone and I managed to take full control of it. The insecurities in the drone are shared by other IoT devices. Now imagine if this had been done by cyber-criminals. If I can do it, who’s not to say that more motivated cyber-criminals would not be able to do something very similar. The consequences could be disastrous,” said Paul.
He added that the industry needs to reinvent cybersecurity because they are doing so far is clearly not enough.
“It is important for manufacturers to implement security controls into their devices and not put consumers at risk. Let us be careful that the Internet of Things does not become the Internet of Threats,” said Paul.
Kaspersky Lab advised people to inquire about the security measures taken and to understand the associated risks before any connected device.
Maher Yamout, a senior security researcher at the Global Research and Analysis Team at Kaspersky Lab, said many companies compete to get their connected products out to the market and the consumers at the fastest speed to start generating profit.
“But doing so often means they overlook the security features or even completely ignore the security issues. Such devices can become lion’s meat for hackers and if they fall prey, this could lead to invasion of privacy, loss of data, valuables and even life,” said Yamout.