SA continues to be a huge target for cyber attacks with costs running into the millions, cybersecurity experts warn. This situation has been made worse by heightened threats around elections and related events.
At the start of 2024, the World Economic Forum highlighted misinformation and disinformation as being major threats in an increasingly artificial intelligence (AI) driven world. This is against the backdrop of more than 70 elections slated around the world. The danger is that spreading false and misleading information will be a major method and mode of attack for cyber criminals.
At the same time, elections bring with them opportunities to skew public perception, fiddle with results at the polls, abuse citizen data and make distracted entities more prone to breaches.
In the lead-up to the recent elections, SA experienced a surge in cyberattacks, with breaches at institutions such as the Government Pensions Administration Agency (GPAA), Companies and Intellectual Property Commission and Electoral Commission SA (IEC).
“Despite being so conscious about physical security, us razor-wire-loving South Africans are strangely nonchalant about cybersecurity. Just like protecting your home, nothing is more important than having good cyber defences,” tech analyst Toby Shapshak told Business Day. “Bizarrely, many companies and state institutions have poor, or nonexistent, cybersecurity.”
Bizarrely, many companies and state institutions have poor, or nonexistent, cybersecurity
Reabetswe Motsamai, marketing and communications manager at MakwaIT Technologies, said: “The risk not only applies to the public sector but the private sector too, with SA businesses said to be attacked over 1,000 times per week on average according to Check Point.”
“Worse still, while 73% of organisations believe that a cybersecurity incident will disrupt their business in the next 12-24 months, only 7% are adequately equipped to navigate the evolving threat landscape.”
This trend is not only isolated to the elections, but is part of a wider agenda by criminals that see SA, its government and businesses, as an easy target.
A recent report by cybersecurity firm Trend Micro shows that it blocked more than 159-million email threats, about 8-million malicious URLs or links and more than 22-million malicious mobile apps targeted at SA businesses and consumers in 2023.
While breaches of big organisations draw big headlines, Shapshak highlighted that everyone is at risk.
“Obviously bigger firms are targeted, but any small business that hasn’t patched its software is a potential ransomware victim.”
He said the average cost of breaking into a company’s system is advertised at just $2,100 (R36,000) in the Middle East, Turkey, and Africa region, according to cybersecurity firm Kaspersky, going up to $4,000, or R70,000, globally.
Blackmailers seldomly release the data when firms are foolish enough to pay to unlock their data
“Blackmailers seldom release the data when firms are foolish enough to pay to unlock their data.”
Discovery Insure recently revealed that the personal information of about 20 clients, including that of Sygnia CEO Magda Wierzycka, had been breached.
A preliminary investigation showed the fraudster obtained clients’ personal details, including residential addresses, identity numbers and details of items covered by the policies.
In April, MTN reported that chair Mcebisi Jonas was again the subject of a cyber scam that had fraudsters impersonating the former deputy finance minister on messaging platforms, to solicit money.
John McLoughlin, CEO at cyber security firm J2 Software, said email continued to be a major point of vulnerability and a way criminals exploited people to infiltrate an organisation.
“As online dangers keep changing, one type of attack really tricks people’s minds: business email scams. These scams rely a lot on tricking people rather than hacking into systems. It shows how important it is to know and protect against trickery in today’s online world.”
McLoughlin said a number of online groups were working to inflict maximum damage to victims.
For example, Sangria Tempest specialised in targeting the restaurant industry, employing elaborate lures such as false food poisoning accusations to steal payment card data. “Leveraging underground forums for recruitment and training, this East European group has orchestrated numerous successful attacks, compromising millions of payment card records,” he said.
SA has also seen an increase in scams exploiting eFiling for tax where scammers change login and banking details for a particular organisation, with the main aim of submitting fraudulent VAT returns to be paid to the fraudster’s bank account.
Motsamai said these attacks highlighted the vulnerability of critical infrastructure as they might have compromised sensitive data such as personal information or financial records.
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.