Interpol’s African Cyberthreat Assessment Report 2021, which breaks down the most prominent dangers on the continent so that businesses and consumers can better plan and protect themselves, has brought cybercrime back into the spotlight.
According to the Interpol Report, the top five threats in Africa are:
- online scams;
- digital extortion;
- business email compromise;
- ransomware; and
Before digging a little deeper into what each threat entails and how organisations should be protecting themselves, it is vital to understand how the criminals behind the scams work.
The majority of attacks are not carried out by random opportunists. Cybercriminals work in well-organized criminal networks and invest a significant amount of time and money in research and development arms, complete with cutting-edge technology and social engineering, in order to make their attacks very complex. Without being alarmist, every organization should begin with the idea that an attack is a question of “when,” not “if.”
Online scams
These attacks are most often directed towards older generations who are less tech-savvy. They are usually more trusting and, regrettably, have more to lose. Many of these con artists imitate bank communication in order to take advantage of the trust and respect that older people feel for bankers and the role they have played in their lives.
To make matters worse, scams are growing more complex and credible, and appear authentic and plausible to an uneducated or inexperienced person.
Digital extortion
Many folks may have been caught off guard by this one. Digital natives, such as students or those in their early twenties, may be the most vulnerable due to the fact that this is happening online. This kind of con is based on the threat of severe social and reputational harm.
While preventing extortion is simple if one avoids risky actions such as sending incriminating selfies, younger age groups are more likely to be .
Business email compromise
Phishing schemes entail sending emails that appear to be from respectable or well-known firms in order to deceive consumers into disclosing personal information such as passwords or PINs.
Because many employees are not working within secure corporate networks or are not receiving (or are ignoring!) the cyber security training that may keep them safe, hackers have a far larger attack surface.
Ransomware
This form of extortion has cost the world $20 billion in 2021 so far, and is set to increase by more than ten times that amount by 2031. No wonder it gives many enterprise leaders sleepless nights, as it can be very profitable for criminals and can inflict untold reputational harm on companies.
Ransomware succeeds when organisations choose to pay the ransom rather than suffer the public embarrassment of the debacle that would follow a complete loss of data. The criminals behind ransomware attacks are organised and sophisticated and present arguably the single biggest threat to corporate Africa, with one company falling prey to such demands every 11 seconds.
The level of risk posed by ransomware is – to some degree – dependent on the core business. For example, a business that runs its core functions digitally, such as a bank, would suffer catastrophic losses if it were to lose its data, whereas a manufacturer would still be at significant risk, but it wouldn’t necessarily lose its ability to generate revenue.
However, reputational damage and loss of customer trust and confidence can be big enough to lead to the demise of a business regardless of sector. This means no industry can think it is immune to the negative effects of ransomware.
In its 2022 Threat Report, Sophos reported the following key trends:
1. Ransomware will become more modular, uniform and influential
2. Ransomware will target people as well as technology through extortion tactics
3. The abuse of adversary simulation tools will continue
4. More malware families will launch “hybrid” attacks
5. More attacks will mass-abuse IT administration tools and vulnerable internet-facing services
6. More attacks will target Linux-based systems
7. Mobile malware will continue to increase for all OS
8. AI will be adopted by defenders and attackers
This is typically how hackers hide – they use compromised corporate and personal computers to orchestrate and launch their attacks, which means the trail goes cold fairly quickly.
If an organisation does not run regular virus and malware scans, they run the risk of inadvertently helping hackers gain access to their network computers.
What can organisations do?
In the fight against cybercrime, the C-suite is critical, with all executive decision-makers acknowledging collective ownership of business and consumer data.
Data is used by all departments for commercial purposes and decision-making. As a result, board members must support their CIO/CISO colleagues’ security and technology strategy, investment, and policy.
Building a strong cyber resiliency strategy also necessitates the buy-in and commitment of all departments in order to effectively communicate and track its progress.
A successful cyber resiliency strategy must also work in harmony across all divisions and layers of a company. Although prevention should always take precedence, the organization must have a disaster recovery strategy in place in the case of a breach or assault.
Any ransomware or cyber assault has the potential to be disastrous, thus there should never be a compromise in how threats are planned for or dealt with.
While an organization is a complex organism, its employees are the first line of defense. This means that businesses that are serious about enhancing their resilience should invest in regular training on how to spot questionable emails or threats, as well as how to protect critical data to avoid phishing and botnet attacks.
These are avoidable, but they necessitate effective mailbox management, including junk folder mail deposit policies to isolate potential threats, as well as machine learning and artificial intelligence capabilities to reduce the likelihood of emails reaching the user’s inbox.
Technology has advanced significantly in the past two years and so companies should consider deploying modern data protection toolsets and strategies to ensure data recoverability in the event of a serious breach.
Essential Security Recommendations For 2022
• Deploy layered protection
• Combine technology with human expertise, 24/7
• Monitor and respond to alerts
• Enforce the basics: passwords, MFA authentication
• Secure remote access tools
• Segment the network and consider “Zero Trust”
• Know what you have, where it is, who has access
• Back up, configure and patch
• Educate and protect employees
Backup and recovery
Criminals have evolved, and businesses should as well. It’s no longer adequate to have a 3-2-1 backup strategy: three copies on two distinct media, one of which is offsite.
Today, best practice adds two extra layers to the original rule, making it 3-2-1-1-0: three copies of data, on two different media, one offsite, and one air-gapped or immutable copy, restored with zero mistakes so that the vulnerability is not put back into production.
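The rule above can be checked mechanically against a backup inventory. The following is an added example, not part of the original article: the `Copy` record, its field names and both inventories are constructed for illustration, and it assumes the "0" means every backup copy has a test restore on record that finished without errors.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Copy:
    name: str
    media: str                            # "disk", "tape", "object-storage", ...
    offsite: bool = False                 # held away from the primary site
    isolated: bool = False                # air-gapped or immutable
    restore_errors: Optional[int] = None  # last test restore; None = never tested
    primary: bool = False                 # the live production copy


def audit(copies: List[Copy]) -> dict:
    """Evaluate each clause of 3-2-1-1-0 against an inventory of copies."""
    backups = [c for c in copies if not c.primary]
    return {
        "3 copies": len(copies) >= 3,
        "2 media": len({c.media for c in copies}) >= 2,
        "1 offsite": any(c.offsite for c in backups),
        "1 air-gapped or immutable": any(c.isolated for c in backups),
        # Assumption: "0" requires a recorded, error-free test restore
        # for every backup copy; an untested copy counts as a failure.
        "0 restore errors": bool(backups)
        and all(c.restore_errors == 0 for c in backups),
    }


def failures(copies: List[Copy]) -> List[str]:
    """Names of the clauses the inventory does not satisfy."""
    return [clause for clause, ok in audit(copies).items() if not ok]


# Constructed inventories: a classic 3-2-1 setup and a hardened one.
CLASSIC_321 = [
    Copy("prod-db", "disk", primary=True),
    Copy("nas-nightly", "disk", restore_errors=0),
    Copy("tape-weekly", "tape", offsite=True),  # never test-restored
]
HARDENED = [
    Copy("prod-db", "disk", primary=True),
    Copy("nas-nightly", "disk", restore_errors=0),
    Copy("tape-weekly", "tape", offsite=True, restore_errors=0),
    Copy("object-lock", "object-storage", offsite=True, isolated=True,
         restore_errors=0),
]

if __name__ == "__main__":
    for label, inventory in (("classic 3-2-1", CLASSIC_321),
                             ("3-2-1-1-0", HARDENED)):
        print(label, "->", failures(inventory) or "compliant")
```

The classic inventory passes the original three clauses but fails both added ones, which is the gap the extended rule is meant to expose.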
Information sourced from Business Tech 2 January 2022