South Africa’s retail organisations, particularly on-line stores, could expect a significant ramp-up in cybercrime ahead of the holiday season. This is the warning from Deon Smal, CEO of Cyber Insight, a Cape-based cyber security assessment firm.

“While data breaches increased alarmingly during the height of the Covid-19 pandemic, organisations - particularly those in the ecommerce sector - can expect a ‘tsunami’ of new attacks as the festive season approaches,” he cautions. “This is as a result of intensified on-line shopping activity which creates more opportunities for cyberattacks.” Smal notes that many companies that supported work-from-home employees during the pandemic – and possibly continue to accommodate a hybrid workforce - have had to take short-cuts in terms of security to rapidly protect sensitive data which is accessed on-line.

“These ‘quick-fixes’ are now leaving these organisations vulnerable to increasingly sophisticated cyber threats. They should be addressed as a matter of urgency,” he says. According to Smal, the most common threat facing SA companies is a ransomware attack, in which criminals encrypt files and then demand a ransom to restore access.

He says that globally, ransomware is viewed as the most malicious of the numerous malware models that were experienced this year. “Smal encourages organisations, of all sizes, to accurately and comprehensively assess their cyber security positions. This will expose possible vulnerabilities which could result in breaches of security within the corporate infrastructure. This includes basic facilities, structures and services on which businesses rely.

“They should also consider penetration testing to prove the existence and determine the extent of their weaknesses before committing to a definitive security solution to ensure that it offers an appropriate level of protection against the most evolved threats and determined cyber-criminals,” he adds.

Securing corporate perimeter is one of the basic measures a company should take to make sure that nothing threatens its workflow. Although many enterprises are not successful at keeping their network intact. Some organisations

• think of safety instruments only after an incident occurs
• are simply not aware of all the risks
• have been using or are going to use services which might expose them to additional risks
• focus their attention on hackers neglecting internal threats
• are worried about compliance violations and forget about other less relevant but by no means less detrimental breaches

And some happen to trip on almost each of the steps. Computer systems of Johannesburg-Lewiston Area Schools were affected by a ransomware. The insurance provider covered the financial damage although the school wasn’t prepared to deal with the issue and the Superintendent appeared to be unaware of basic cyber incidents that might happen to any organisation.

About a month ago a school technology consultant informed the administrator of a problem impeding file opening. The investigation determined that the attack was coming from Germany.

The school doesn’t store employees’ and students’ data on the servers so personal details weren’t compromised. The school network isn’t fully backed up and corporate devices were impacted significantly making staff members bring their own computers and gadgets — a decision fraught with peril.

Some measures were taken after the violation occurred. The school is going to upgrade antiviruses, create a cloud-based storage securing its protection and focusing their concern on being resistant to ransomware attacks. Anyway, using a Google doc system might keep offenders from harming the server but online storages pose some risks which demand as much attention.

Cloud, antivirus, MSSP, interdicting data transfer

As we can see the organisation:

• reacted to the necessity of improving the risk management mechanisms after a violation had occurred
• claimed to be not prepared to the incident not only due to being insufficiently equipped but also due to being simply unaware of what might happen to their servers
• decided to update its antivirus and relocate the information to online storages overlooking such risks as cloud misconfiguration and data leak as well as the fact that antivirus is only one of many ways to fight cyber attacks
• put all the efforts to ensuring perimeter protection from hackers and didn’t think of securing their environment from insider threats

Besides online storage and antivirus, there are tools and technologies which

- protect you from incidents while compromise your confidentiality or undermine strategic risk assessment

MSSP provides you with an experienced staff aware of every detail about recent threats and regulations and using most relevant tools to safeguard your workflow. But third party consultants know little about your corporate culture, your employees and business processes which have been tuned and customized to fit your needs. Opting for MSSP you should keep in mind that you delegate network monitoring to an intermediary who you are not familiar with and that everything is going to be displayed to the service provider bringing your privacy to zero.

Tools interdicting data transfer, preventing information from being printed or uploaded to a flash drive keep sensitive details within the company’s limits but don’t make you more knowledgeable about your corporate environment and staff members’ communication. Behavior risk management includes possibility of seamless monitoring which facilitates in-depth investigation.

- are nearly inefficient when not integrated as a bundle which comprises a comprehensive solution for both external and internal safety

If you implement a one-sided approach to risk management and address only external threat preventive measures you might flatten your security fortification you have been working on to ensure that your company can fight any offender. Internal control systems are indispensable — they allow you to cover any kind of inside violation thus making you prepared to regulate incidents the source of which is within the company’s perimeter. Employee monitoring software increases significance of that shield which took you efforts to defend your organisation from external attacks.

The core issue many organisations have to recognise is that they are healing symptoms instead of trying to cure provoking factors. A breach occurs, a company fixes it, a problem is solved — a common security misconception. Such a short-sighted tactic keeps you exposed to multiple yet undiscovered threats and makes your efforts look like masking whereas they should be about securing. While you are covering a gap there might appear another one which requires mending with the help of a different instrument.

Tools shielding your perimeter from external attacks will not ensure that your data is intact within the corporate network. Access delimitation will not help when information gets lost, stolen or deliberately leaked. Cryptography will make you theft- or lossproof although it doesn’t guarantee the safety of your documents if someone is willing to disclose their details. The most recent automated compliance management software will put you at the needed level of conformity but focusing on preventive measures that allow you to avoid the biggest penalty will make you let your guard down regarding some latent internal threats.

With the current crisis of cyber-attacks and data breaches or leaks, we are faced with low rates of cyber security vigilance and high cybercrimes. Every enterprise is challenged to constantly back up their cyber security system to protect their database and information systems to avoid these data leaks and cyberattacks.

Menny Barzilay, Head of IT Audit of Bank Hapoalim described Cyber Security as “the sum of efforts invested in addressing cyber risk, much of which was, until recently, considered so improbable that it hardly required our attention,” in an article on ISACA’s Knowledge Centre. When we further define cyber risks, which is the loss or harm of information due to a cyberattack or data breach, we then see the need of efficiently protected information systems.

Data or Personal information is an extremely valuable commodity because when in the wrong hands, it is used for financial benefits by cyber criminals who participate or gain information from data breaches. The cyber criminals take the data and sell it and in return make a lot of money out of the whole data breach.

In a radio interview Mr Sizwe Snail ka Mtuze, Director of Snail Attorneys and Lex-Informatica, said “Your ID number is so Important because it identifies you, your birth date, your race, your citizenship and whole lot of other things which could be used for an unlawful purpose”, when asked why information like a person’s ID number is so important to these cyber criminals. Anyone or any organisation with confidential information in their possession is a target. How would an organisation know whether they are ready? Whether they have the enough information security? the reality is that these cyber criminals are getting smarter and more advanced in the techniques they use.

According to an article on Fin24.com, “Without a fully functional Information Regulator, these breaches will continue to occur without sanctions provided for in the Protection of Personal Information Act (POPIA)”, said Advocate Pansy Tlakula, Chairperson of the information Regulator of South Africa . Which is why organisations and individuals need to be in the business of effectively educating themselves on cyber security vigilance, cybercrime trends, data breaches and cyber law.

What are we doing as organisations to protect ourselves? What measures are we taking? What legal implications are there regarding such incidents? The assumption that cyber vigilance is the primary function of only IT, Legal, Compliance, Risk or Information Management in organisations is where the loophole in our information security is found.

Lex-Informatica SA Cyber Law and ICT workshop is focused on equipping people with necessary skills and education to guard against threats in their workplaces, homes and IoT devices.
Date: 13th and 14th September 2018
Venue: Durban Country Club
Theme: "The advancements of Information and Communication Technology Law - Cyber Law: Techniques, Risks, Legal implications and Emerging trends"
Book your seat here to be enlightened on the reality, cost and possible threats of cyberattacks to your business, personal data and other interconnected devices.

For more info please contact Ms Paballo Mokake on:
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
Telephone: 0127702312