Don’t squeeze your cyber assets

1 June 2020 Cyber Security

Following on this week’s Life Healthcare cyberattack, the issue of cybersecurity has once again been brought to the fore, as businesses and individuals are forced to evaluate whether measures in place are strong enough to withstand major breeches in their security.

Life Healthcare is the third major South African company that has been targeted by hackers this year. In February, Nedbank warned that the information of about 1,7 million clients was potentially affected by a data breach, and the following month chemicals and fertiliser maker Omnia Holdings said its IT infrastructure was subject to a cyberattack. Amongst the other big businesses that have been targeted in South Africa are Johannesburg City Council, Capitec Bank and Telkom.

The trend is also true for the rest of the continent. In Kenya, the National Youth Service (NYS) and Integrated Financial Management System (IFMIS) were among a host of government websites that were attacked by an Indonesia hacker group, Kurd Electronic Team.

According to Michael Tumusiime, lead security engineer at Checkpoint East Africa, businesses must look at threats from an architectural perspective. Considering the many attack surfaces, attackers can now get into environments a lot easier and quicker.

“We additionally have mobile threats with people working from home; the perimeter has moved, therefore you can no longer protect your assets just by using perimeter security. You need to think about the different ways that people access information and the different assets to protect. Think mobile threats, think about security in the cloud, think about IoT devices and have a comprehensive security approach protecting those. It also helps if you have an incidence response plan to help in the mitigation and recovery in case you get compromised.”

The consistent threat to companies is due to the nature of cutting corners. Institutions are cutting corners around cost and setup of technology, and this directly relates to the challenges that they are experiencing, using technology that is not 99,9% bullet proof.

What happened to Life Health is not unique; it is something that is happening globally. When COVID-19 kicked off, we saw many customers in Europe being targeted with fictitious COVID-related emails and domains. Africa has followed closely behind as we are now starting to see these attacks reach our continent. We can also expect this trend to continue if companies use generation 3 and 4 security to ward off generation 5 and 6 attacks.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Work from home securely
Issue 5 2020 , Cyber Security
First Consulting provides enterprise-level IT security to working-from-home employees at more than 40 South African organisations.

Read more...
Agility, meticulous alignment and testing
Issue 5 2020 , Cyber Security
Data loss can put the nails in the coffin for unprepared businesses. Investing in cyber resilience is key to succeed in the age of digital transformation.

Read more...
Cybersecurity comment: A holistic approach to threat vulnerability
Issue 5 2020 , Cyber Security
Any organisation, whether large or small, public or private, should follow an established framework in order to protect itself against cyber threats.

Read more...
Email security in COVID-19 times
Issue 5 2020 , Cyber Security
MJ Strydom, MD of cybersecurity specialist company, DRS, takes a look at email security in the era of COVID-19 and beyond.

Read more...
June 2020’s most wanted malware
Issue 5 2020 , Cyber Security
Check Point Research finds sharp increase in attacks using the Phorpiex Botnet delivering new ‘Avaddon’ ransomware via malspam campaigns.

Read more...
60% in SA victim to public cloud cybersecurity incidents
Issue 5 2020 , Cyber Security
Ransomware and malware, exposed data, compromised accounts, and cryptojacking to blame; GDPR shows promise with Europeans suffering least.

Read more...
Vodacom Business enhances cyber resilience
Issue 5 2020 , Cyber Security
Partnership with Cloudflare will allow Vodacom Business to offer DDoS protection and traffic acceleration for all network infrastructure — whether on-premise, cloud-hosted, or in a hybrid environment.

Read more...
Tax season often equals tax scams
Issue 5 2020 , Cyber Security
While many of us cannot wait for our refunds, this is also a time of the year when cybercriminals are waiting to attack.

Read more...
Cybersecurity comment: Cyber threats remain relentless
Issue 5 2020, CA Southern Africa , Cyber Security
Over 80% of email-based threats in Q1 2020 leverage COVID-19 in some form to feign legitimacy to the end user.

Read more...
11 essential steps to reinforce cybersecurity
Issue 5 2020 , Cyber Security
Wayne Olsen has compiled a guideline to ensure that businesses and their employees are protected while working remotely.

Read more...