International cyber crime has been on the rise over the past few years and many enterprise-level organisations and state institutions with extensive security budgets have been hit by cyber-attacks with some literally shut down while they deal with the aftermaths.
It comes as a massive shock for any organisation, big or small, when it is hit by a cyber-attack, but it still also seems to be one of those situations where it is believed by some that it’ll never happen to them.
In 2019 the City of Johannesburg municipality was shut down by a cyber-attack, leaving people without electricity and other services for days. Soon after that, two of our national banks, Standard Bank and ABSA Bank, were reported to have faced DDoS attacks that caused delays in their financial transactions. There was also one of the biggest hacks in South Africa’s history with the attack on Liberty Holdings in 2018.
The following are some examples of more recent incidents that have affected the country so far during 2021:
- Qsure
An attack on the debit order collection company Qsure has impacted several South African insurers who use its services, including Hollard and Guardrisk. Australian security researcher Troy Hunt recently posted a notice from Ooba to its clients saying that although they do not yet know if any Guardrisk and Ooba clients were affected, they decided to send out cautionary notifications.
- Western Cape Blood Service
The Western Cape Blood Service (WCBS) was hit by a cyberattack in July this year, forcing the non-profit organisation to resort to manual, offline processing while it restored its systems from backup. WCBS spokeswoman Marike Gevers confirmed to TechCentral that the organisation had fallen victim to a cyberattack but denied market speculation that it was a ransomware attack.
- Transnet
South Africa’s port and rail company Transnet appears to have been targeted with a strain of ransomware that cybersecurity experts have linked to a series of high-profile data breaches likely carried out by crime gangs from Eastern Europe and Russia. Transnet did not immediately disclose the source or nature of the attack which temporarily affected its various ports that had to operate manually as a result but the ransom note was similar to others seen in recent months, according to cybersecurity firm Crowdstrike Holdings Inc. According to Crowdstrike it was linked to ransomware strains known variously as ‘Death Kitty,’ ‘Hello Kitty’ and “Five Hands’. Road Freight Association CEO Gavin Kelly said if cyber attacks are not addressed urgently, the non-functioning of South Africa’s ports will be yet another reason why international traders and shippers will choose other ports in Africa through which to move goods. In a World Bank report issued earlier this year, the Port of Durban was listed as one of the three worst ports in the world – out of 351 ports that were assessed.
- Lifestyle Direct Group International
Stellenbosch University Law Clinic has been given judicial go-head to launch a class action lawsuit against Lifestyle Direct Group International and its affiliated websites, in an attempt to claw back money it took from thousands of desperate loan seekers.
- Pegasus spyware
President Ramaphosa’s phone number has appeared in a leaked database of potential targets of the Pegasus spyware, The Guardian reported. According to the report, the list is believed to indicate individuals who were identified as persons of interest by the government clients of Israeli spyware vendor NSO Group, which developed Pegasus.
- Vodacom, MTN, and Telkom
A criminal syndicate has stolen millions from Vodacom, MTN, and Telkom subscribers in a sophisticated new scam. Many mobile subscribers have discovered a number has been added to their profile without their permission, and thousands in airtime and data then transferred to this number.
With the implementation of the POPI and Cybercrimes acts of South Africa, we as citizens expect to see more responsibility taken and an overall reduction of cyber incidents. Is this a realistic expectation though, considering that many smaller organisations have budget constraints and cannot logically afford the ‘proper’ security measures to enforce and/or strengthen their cyber security defences?
Surely there are measures that South Africa as a country could approach holistically to help all organisations within its borders improve their cyber security standpoint to defend against national and international threats?
Potential Solution:
South Africa is apparently building database of security specialists as it recovers from major cyber-attacks. The Employment and Labour minister Thulas Nxesi has said that government plans to ramp up its cybersecurity capabilities. “The SCISS has come up with an initiative of departments sharing resources and transferring skills to one another in matters relating to cybersecurity. The initiative is still at the beginning stage where a database of cybersecurity specialists in the public sector is being developed,” he said.
It appears that the majority of South Africa’s cyber security skills lie in the private sector. Maybe it would be better to build a national database of trusted, private sector cyber security providers that could assist companies overcome their woes.
On the other hand, education is also important and not just for people who are in the cyber security industry. Every company/business user is a home user, at the end of the day. All users should have a basic understanding of the internet and threats associated with using the internet, but are our schools, businesses and media providing adequate training on these matters?
Individuals and organisations have become far more reliant on technology in today’s world and the internet forms a part of almost everyone’s daily lives. Even children only a few years old have cell phones, tablets and social media accounts in the modern world and together with older people who didn’t have much experience with technology in their youth are a lot more susceptible to cyber-crime.
Are we as a country and communities doing enough to educate and enforce security standards to prevent possible cyber-attacks? Maybe we are on the path to improving how we deal with these issues but the road does seem a lot longer than many may think it could be.