SA faces a rising tide of cyberattacks. No business, irrespective of size or industry, is safe. Find out what cybercrime is, who perpetrates it and how.
The COVID-19 pandemic triggered a wholesale shift to remote work that seems here to stay. But even before the rush to adopt work-from-home practices – often on unsecured personal computers – cyberattacks were soaring.
South Africa ranks third in the world in terms of the numbers of cybercrime victims. A big part of the problem appears to be that we’re not as cyber savvy as we’d like to think. As many as 31% of South Africans believe that hackers use a Trojan virus to encrypt your files and demand payment.
Actually, that would be ransomware. Worryingly, nearly one in two respondents across eight African countries, including South Africa, were unfamiliar with ransomware. And that’s despite their confidence in their cybersecurity training.
Don’t worry, this isn’t a test. Whether you knew the answer or not, we think you’ll agree: Your business’ safety is worth a quick cybercrime refresher.
What are cyberattacks?
The University of North Dakota defines cyberattacks as: “Any possible malicious attack that seeks to unlawfully access data, disrupt digital operations or damage information.”
In other words, cybercriminals aim to incapacitate computer systems, steal data or breach your digital network to launch further attacks. And they have an extensive and growing toolkit to do so.
If you believe what you see on TV and in movies, hackers generally exploit system weaknesses or backdoors. But it’s much easier to simply deceive or manipulate staff members into handing over the keys to the castle.
This is known as social engineering. In fact, tactics, such as enticing users to open emails from unknown senders, click on suspicious links or provide information are the root of over 60% of cyberattacks in South Africa.
The bottom line is that people often prove to be the weakest link in your cyber security.
Interpol’s findings in its 2021 African Cyberthreat Assessment Report is a testimony to this. You’ll notice that social engineering features heavily in its top five threats on the continent:
Online scams (phishing)
To put it simply, these are online cons. Malicious actors send emails or text messages that appear to originate from legitimate sources. Because the recipients trust the source, they reveal personal or financial information.
Although this cybercrime can take many forms, it always starts with the culprit taking possession of personal or organisational digital assets. Next, the criminal pressures the victim to pay to regain access or control.
Whether criminals use ransomware, digital smear campaigns, negative review spamming, online blackmail or equipment hijacking, the goal is the same. They aim to strongarm you into paying to get things back to the way they were.
Business email compromise
Once again, hackers exploit social engineering scams to gain access to senior managers’ email accounts. Impersonating the executive, they then attempt to convince finance department employees to transfer funds into their bank account.
Although this is a form of extortion, it is so rife as to warrant a mention of its own. When victims fall prey to online scams or visit infected websites, malware downloads onto their systems. This takes the system “hostage”, encrypting all files. Once that happens, the criminals demand you pay a “ransom” to receive the key that will restore functionality.
Hackers gain unauthorised control of a network of devices and use this “bot” army to carry out large-scale cyberattacks. Distributed denial of service (DDoS) attacks are a good example. In this case, the compromised machines crash servers or systems with a flood of Internet traffic.
How do cyberattacks hurt your business?
Yes, the immediate cost of cyberattacks can be hard to swallow. But a good recovery strategy should consider all the angles. There are hidden costs to being hacked that could be the final nail in the coffin for your business.
Remember that losing data is one thing. But don’t underestimate the knock-on effects in terms of reputational damage, a slump in customer turnover and operational costs.
Even after you’ve counted the costs of ransom payments, fraudulent money transfers and productivity losses in the immediate aftermath of a cyberattack, the financial impact is far from over.
The need to rebuild systems and mitigate the fallout from depressed sales and declining investor confidence make the road to recovery a hard climb. These issues can dog your business long after the event. In fact, many SMEs don’t survive falling victim to cybercrime.
Losing the use of your website, access to customer data or control of factory systems, even for a short period, can bring business to a standstill. And time is not on your side. The longer it takes to detect cyberattacks the higher the cost of the incident.
It’s not unusual for companies to take nine months to identify a breach. Then there’s the time your employees will spend restoring systems. Without the resources to quickly identify and resolve issues, these crippling periods can drag on for SMEs.
Even when your company isn’t the victim, cybercrime is bad for business. Imagine what would happen if cyberattacks brought your suppliers to their knees? While completely out of your control, this can have severe implications for your ability to deliver to customers.
Businesses are built on trust. After all, customers share their personal data with you in good faith. And they will look to you if cybercriminals sell that information on the black market or use it to commit identity theft and financial fraud.
Many customers and shareholders, who incur losses as a result, may feel betrayed. In fact, they may not want to be associated with your business or brand anymore.
Data privacy laws, including Europe’s GDPR and South Africa’s Protection of Personal Information Act (POPIA) require that businesses safeguard staff and customers’ personal data.
If data is accidentally or deliberately compromised because your business failed to deploy appropriate security measures, you may be liable for a hefty fine. With that in mind, hackers may even demand payment that falls short of the anticipated penalties.
As you can see, the ramifications of a cyberattack are serious. That said, it would be a mistake for new or small businesses to think this is all out of their league.
Businesses great and small, cybercriminals target them all
Small business owners who think they can fly below the cyberattack radar are sorely mistaken. With the technology to automate attacks, criminals can easily cash in on targeting as many as several thousand small companies at once.
What’s more, small enterprises are soft targets because they not only lack the resources to devote to cybersecurity that big organisations have but also often fail to grasp the extent of the threat.
Plus, the pickings are by no means slim. Even the very smallest companies can handle large transactions and process enormous amounts of customer data. If anything, there’s more at stake for small businesses, which, as already mentioned above, may never get back on their feet again.
It’s easy to see why respondents in the 2022 Allianz Risk Barometer ranked cyberattacks as the biggest threat to South African businesses. Considering how devastating cybercrime is, you might wonder who would want to wreak such destruction and what their motivations are.
Who launches cyberattacks?
Those responsible for cyberattacks can be divided broadly into two groups – company insiders and outsiders.
- Cybercriminals are interested, above all, in enriching themselves. Consequently, they select their marks based on where they believe they can best cash in.
- State-sponsored actors receive funding and support from a nation state. In pursuing an agenda based on national interests, they orchestrate high-profile attacks on infrastructure as well as steal military secrets and intellectual property. Plus, these hackers are behind massive-scale disinformation and propaganda campaigns.
- Politically motivated groups, such as terrorists and hacktivists both launch cyberattacks in order to make an ideological statement. The difference is that terrorists use fear to achieve their political ends, while hacktivists aim primarily to raise awareness.
- Competitive hackers thrive on a challenge and an opportunity to earn notoriety by cracking a system. In fact, businesses often hire white hat hackers (“ethical” hackers) to test their systems for weaknesses.
Although this breakdown makes it seem that there are clear categories, the lines are frequently blurred. Politically motivated groups may engage in purely criminal cyberattacks to fund their activities and state-sponsored actors are often allowed to act with impunity in the nations that harbour them.
The thought of having sophisticated state-sponsored hackers set their sights on your business is frightening, but the most serious threat to business comes from within. No one knows your systems as well as your staff. Whether they do so intentionally or not, they hold in their hands the power to sabotage your business.
- Disgruntled employees may launch retaliatory cyberattacks or threaten the safety of internal systems.
- Financially motivated insiders abuse their knowledge and system access for personal gain. Nevertheless, there are some who act on ethical grounds or for other reasons.
- Unintentional insiders are not usually the primary attackers but they inadvertently facilitate outside attacks, for instance, by negligence or falling prey to social engineering scams.
Fortify your business against cyberattacks with Digimune
Digimune’s end-to-end cybersecurity solutions cover all the bases. From advanced cloud-based AI technology through training for your staff to insurance, we ensure you are well defended from all types of attack, no matter who is responsible.
As a result, you have the peace of mind to direct all your energies into taking your business to the next level. Talk to us about how we can help you repel cybercrime.