Here’s how Cyber Crooks get in the Door
Corruption is the open door that leads to organisations
being hacked in South Africa.
According to experts, in South Africa many organisations are
compromised by scheming between criminals and corrupt employees.
The big issue here in SA is internal employees or
contractors conspiring with criminal syndicates - providing inside information
or access credentials.
Email is the predominant method cyber criminals use to
attack South Africans.
Did you know that 90% of cyber attacks begin with an email?
Typically, a cyber scam begins with a maliciously sent email
with a “hook” such as a SARS refund, tickets to a concert, or an account
payment as bait.
While the methods used to infect are the same, the hooks
used to trick people into clicking on infected attachments and links may be
different, but also use local topical events and news to lure people in.
South Africa ranks ninth with 8.2% of users attacked with
banking malware.
Cyber criminals have also modified their attack method to
focus on key people in organisations – a technique known as spear phishing.
We have seen a massive increase in spear phishing emails
being sent to key people - with malicious attachments or re-directing them to
dangerous websites to either infect their device or harvest information or
encrypt their information and demand a ransom!
Once cyber criminals have infected a computer system, they
will lock the device to demand a ransom in virtual currency (usually Bitcoins),
which increases over time.
However, SA is also seeing an increase in so-called
hacktivism. Cyber actors target specific companies or organisations to make a
political point.
Also on the increase is DDOS attacks against companies – if
done by hacktivists to take them off line to teach them a lesson… if done by
cyber criminals then to extort money – pay or we take you down again. Motive is
an important aspect in this.
South Africa isn’t among the top regions for cybercrime
development, but there is always the possibility of attacks within the country
that have other motivations - in this case, ‘hacktivism’, ie a DDoS attack
designed to make a social or political point.
The technical inability of local hackers though, need not be
an impediment to their ability to carry out cyber attack campaigns.
Even if hackers don't have the technical skills themselves,
the crooks can often simply ‘rent’ what they need - typically using the Dark
Web to get in touch with each other, wherever they might be in the world.
Comments
Post a Comment