Secure your business future. The right way!
Date: October 2021
By: Ayanda Khumalo Product Marketing Manager for ESET
In 2020, the Covid-19 outbreak caused a global shift to remote and hybrid work forcing organisations to pivot the way they operate practically overnight, with little preparation. Most companies saw a crisis, while cybercriminals saw an opportunity.
South Africa is ranked the third highest in cybercrime victims globally – this is according to professional services company Accenture.
The report also indicates that South Africa is losing R2.2 billion a year due to these threats actors and these could be because of our lower defensive barriers than those more developed countries.
New world.. New approach
It’s imperative for organisations to change the way they do business and to adapt to the constantly changing environment. Security and IT teams must consciously improve their resilience strategy in a new world.
We had a sit down with Gabriel Le Roux, cyber security specialist from ESET, an award-winning internet security company. We wanted to find out how businesses can protect themselves from attacks and learn from the recent attacks.
Question – What are your thoughts on the cyber-attack on the Department of Justice and Constitutional Development’s (DOJ&CD) which happened last month and resulted in personal data of South African being compromised and the alleged R33 million ransom demand claims?
Answer – “I find it very concerning the number of major entities that are being breached seemingly with such ease. Transnet earlier this year and now DoJ is a sign of where these hackers are putting their energy. These are targeted attacks with big multinational teams behind them.”
Le Roux also adds that both the country and businesses should be using this news as an air of caution. It is reported that they could have breached the network as early as April.
“A long dwell time on the network may have allowed them to gain trust within the network gathering information so that when they strike, they can infect/ encrypt even the back-ups. This sort of breach is something that only a great endpoint security software backed by Endpoint Detection and Response (EDR) combined with next-gen cloud sandboxing technology would give you the layers required to protect against.
He adds that organisations need to pay more attention to security awareness training efforts rather than the actual security product.
“Most of these sorts of attacks start with some form of social engineering be it as simple as phishing mail. I believe both government and business are not doing enough to arm their employees with the knowledge to avoid this just by being able to identify a phishing attempt” he concludes.
Question – What does this mean for organisations operating in South Africa and how can they better protect against cybercrimes?
Answer – “This means that even with a great backup solution and a fair level of security, tomorrow they could make it your day,” says Le Roux.
He adds that complacency and lack of action to take preventative measures could mean disaster.
“Although security is often what we call a grudge purchase, I prefer to think of it as peace of mind. Take the time to evaluate where you are and what steps can still be taken to bolster your security. The threats have evolved and so has our approach to protecting you” he says.
Le Roux highlights those businesses regardless of the industry they operate in need to make sure they have unpacked all the great layers of technology to ensure that their business is safe and secured online.
“Be sure to look into the added layers and tools such as cloud sandboxing and EDR,” he concludes.