Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Cybercriminals eye passwords and cloud vulnerabilities

Issue 1 2023 Information Security, Security Services & Risk Management


Carey van Vlaanderen.

“The cybercriminal is relentless, often sophisticated, and extremely persistent. In a constantly evolving threat landscape in which cloud adoption continues to grow and passwords are highly coveted by nefarious actors, attacks are expected to increase sharply in the coming year. However, this is being met with incredible advances and innovation from the cybersecurity industry,” says Carey van Vlaanderen, CEO of ESET South Africa.

Microsoft published its Digital Defence Report for 2022, which found a 74% increase in password attacks resulting in approximately 921 attacks per second. “Passwords remain an easy win for threat actors, but that is often because users give this attack vector to them on a plate. Attackers are cleverly compromising business networks prior to their phishing campaigns in order to look authentic, and even when victims believe they are carrying out their due diligence on a site, they can still be duped into believing they are in communication with the real deal,” Van Vlaanderen explains.

While nearly 1000 attacks per second is an astonishing amount, people and businesses can do much more to reduce this number. “Passwords continue to be something of an inconvenience in people’s lives, which is often down to not knowing or even trusting the free security layers on offer. Implementing password managers, on personal and work devices, can help force unique and strong passwords for all accounts applicable. Most importantly, introducing two-factor authentication on every account will hugely help reduce the impact of phishing campaigns,” she adds.

The past year has seen a tremendous increase in businesses and consumers embracing cloud and in 2023, this space will yet again, be the target of cybercriminals. Van Vlaanderen says the seismic shift from traditional on-premises to cloud hosting applications and infrastructure elevates cybersecurity risk.

While cloud services offer incredible benefits, it is imperative, from a risk mitigation perspective, to assign thought and attention to the following:

• Using a reputable cloud service provider – a fundamental first step

• Optimising and configuring using best practices

• Making use of best-of-breed cybersecurity software

• Multi-factor authentication (which should be standard)

• Encryption (which should be employed wherever possible)

• Strong password policies

• Assigning credentials and rights only to those that require access

• Redundancy is essential, backup and a disaster recovery plan should be enforced

• Test for vulnerabilities timeously

In 2022, spoof emails and ransomware defined the year and look set to remain a leading concern for people, businesses, and cybersecurity teams in 2023. “The damage caused by emails sent by cybercriminals that convincingly look like they originate from people within an organisation is real and extensive. These types of fraud usually try to create a sense of urgency, or employ scare tactics to coerce the victim into complying with the attacker’s requests. Emails with requests for quick payment should be handled with caution as emails can be spoofed with legitimate invoices but using cybercriminal banking details,” says Van Vlaanderen.

Despite ransomware reaching record levels this year, Van Vlaanderen says many organisations still do not understand where their most valuable data and systems lie, and therefore have inadequate data and protection. “A good starting place is to build an understanding of exactly all the data points that exist in your business. This enables clear strategy formulation on the data collected and stored. Irrespective of the size of your organisation, data protection is essential, and can be in the form of staff training, following compliance guidelines, utilising appropriate software, as well as ensuring data storage security combined with backups. There should always be a data or disaster recovery strategy in place.”

Van Vlaanderen predicts the continued innovation and adoption of smart technologies, IoT devices, car connectivity and infotainment, will present new attack vectors for cybercriminals in 2023. “Given the reality of attacks becoming more sophisticated and personalised, people and organisations cannot afford to be without some form of a protective solution in place, regardless of where the infrastructure is located or what device it is on.”




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Integrated security key to protecting cloud applications
Infrastructure Information Security
Cloud-native applications have transformed the way businesses operate, enabling faster innovation, greater agility, and enhanced scalability. Yet this evolution brings an equally complex security landscape.

Read more...
Factories, grids, and finance: Critical infrastructure cyber lessons of 2025
Asset Management Information Security Industrial (Industry)
Africa has seen an accelerated, large-scale digitisation of our overall industrial base, and this rapid convergence of IT and OT is happening on a foundation that, in essence, was not designed to be cybersecure.

Read more...
Axis signs CISA Secure by Design pledge
Axis Communications SA News & Events Surveillance Information Security
Axis Communications has signed the United States Cybersecurity & Infrastructure Security Agency’s (CISA) Secure by Design pledge, signalling the company’s commitment to upholding and transparently communicating the cybersecurity posture of its products.

Read more...
Eight African cybersecurity trends for 2026
Information Security
Check Point Software Technologies has released eight critical trends shaping Africa’s digital turning point in 2026, noting that their implementation will require the government, the private sector, and key civic institutions to cooperate.

Read more...
The year of the agent
Information Security AI & Data Analytics
The dominant attack patterns in Q4 2025 included system-prompt extraction attempts, subtle content-safety bypasses, and exploratory probing. Indirect attacks required fewer attempts than direct injections, making untrusted external sources a primary risk vector heading into 2026.

Read more...
AI cybersecurity predictions for 2026
AI & Data Analytics Information Security
The rapid development of AI is reshaping the cybersecurity landscape in 2026, for both individual users and businesses. Large language models (LLMs) are influencing defensive capabilities while simultaneously expanding opportunities for threat actors.

Read more...
SMARTpod Talks to Check Point Technologies about the African Perspectives on Cybersecurity report
SMART Security Solutions News & Events Information Security Videos
SMART Security Solutions spoke with Check Point's Hendrik de Bruin about the report, the risks African organisations face, and some mitigation measures.

Read more...
SA availability of immutable backup storage appliance
CASA Software Infrastructure Security Services & Risk Management
CASA Software has launched the newly released Nexsan VHR-Series, a fully integrated, enterprise-class, immutable backup storage appliance purpose-built for Veeam software environments, with usable capacity ranging from 64 TB to 3,3 PB.

Read more...
Beagle Watch named best security company in Johannesburg
News & Events Security Services & Risk Management
Beagle Watch Armed Response has been named Johannesburg’s Best Security Company in the 2025 Best of Joburg Awards, surpassing about 26 nominated private security firms in the greater Johannesburg region, thanks to overwhelming public support.

Read more...
Securing the smart fleet
Information Security Transport (Industry) Logistics (Industry) IoT & Automation
Contributing around 10 to 12% of South Africa’s GDP, the transport and logistics sector supports almost every part of the country’s economic activity. The stakes for keeping these systems secure are higher than ever before.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.