South African businesses are at risk of rising global cybercrime attacks as hackers increasingly target valuable data and intellectual property.
Ian Engelbrecht, technical sales manager of Veeam in Africa, speaking during a hybrid seminar hosted by Dube iConnect at Dube TradePort, warned businesses of the risks and highlighted solutions to protect data from cyber criminals. Veeam provides ICT and cyber security services.
Engelbrecht said Veeam had conducted an independent survey in 2021 that had asked customers about security threats. It found that the data security threat had skyrocketed between 2015 and 2021.
“In 2015 a case was happening every 100 seconds and in 2021 it was happening every 11 seconds. The global cost has increased from below US$5 billion to around $20 billion in 2021,” said Engelbrecht.
He categorised the types of cybercrime that businesses needed to be aware of, as follows:
- Data encryption involves criminals taking data and encrypting it so that they only have the password to unlock it. Criminals then ask the business for ransom for the return of the data.
- Data deletion is when criminals delete a company’s data so that it can no longer be used.
- Data exfiltration is the theft of data for the purpose of threatening to sell it or leak it online to hurt the company. It could include valuable data like intellectual property on new products, such as the latest electric vehicle.
- Data injection involves hackers inserting their own bad code into a firm’s IT system so that it will take instructions from the criminals. For example, to attack the company platform, or initiate bank money transfers.
- Device locking is when criminals lock a company out of their IT system or website to prevent access.
Engelbrecht said cybercrime was on the rise because an increasing number of companies had moved valuable data online, leading to the value and volume of commercial data skyrocketing.
He said the fact that more and more devices were connecting to the Internet and that hackers had greater reach to access systems globally – a criminal in the EU can hack a computer system in SA – had also exacerbated the problem. The rise of cryptocurrency also made the crime ‘safe’ for hackers who could hide behind the anonymity of currencies because ransomware payments could not be traced back to them.
According to the firm’s research, a total of 94% of ransomware attacks attempted to infect back-up repositories, while 47% of data was encrypted in a ransomware attack and 32% of organisations that had paid the ransom still could not recover their data.
He warned that employees were often targeted using ‘phishing’ emails, which tricked the recipient into thinking they were receiving a legitimate message from a company.
“For example (a message could read), ‘Microsoft requires you to verify your account’, and then if you go into a browser or URL that looks like a Microsoft page and put in your user name and password, you have been hacked because you have given access to the user’s data. Most of the times ransomware attacks start off with a ‘phishing’ email,” Engelbrecht explained.
“Once you pay the ransom, there is no guarantee that they are going to give you the key to unlock the data.”
The UN Global Programme on Cybercrime has warned businesses not to pay ransoms because most cybercriminals have links to terrorist organisations.
Engelbrecht advised firms to adopt a ‘3,2,1,0’ approach to data security, which involves having three different copies of data on two different media, with at least one data set stored off site, and one stored offline. There should also be zero errors in the back-up recoverability of the data.
“You can have the best security and infrastructure, but back-ups are your last line of defence,” said Engelbrecht.
Dube iConnect marketing manager Steve Johnson warned that cyber criminals were using social media channels like Facebook as “data mining” fields.
“We all know that Cyril Ramaphosa’s private data was hacked and there was a recent email attack on a company that cost them R100 million. Post Bank was hacked and lost R89 million. There are millions of hackers out there waiting to do things and IT departments are stretched,” he said.
He said quizzes on social media that asked personal questions such as ‘which school did you go to, what colour are your eyes and what is your mother’s name’ was a data-mining technique to access user passwords.
“They glean that information and we fall for it because we think that it’s on social media so it’s safe, and it’s not. People are creating these apps to gather and sell our information,” he said.
