News24
04 Apr 2020, 18:13 GMT+10
Expect a significant spike in ransomware attacks and phishing scams during the coronavirus lockdown period, predicts Terence Govender, director of the IT advisory division of international advisory firm Mazars.
He believes cyber criminals will take advantage of the fact that people and businesses will be working remotely during the lockdown period, as this creates a "perfect storm" of less security and more time online.
Be especially wary of which websites one visits, he suggests - and resist the urge to download any coronavirus-related apps. Rather use certified news platforms to receive updates, as there have already been reported cases of malware that has been written into so-called Covid-19 applications.
READ | Scam alert: Now hackers are using coronavirus panic to spread malware
Who's at risk?
"During lockdown, people are likely going to be spending a lot more time online, which might just be creating the perfect storm for opportunistic cyber criminals. This is especially concerning for smaller businesses with employees working from home for the first time," warns Govender.
"While all businesses are at risk of cyber attacks, SMEs tend to be most vulnerable as they typically have fewer measures in place to protect their systems and data."
He expects another major target will be businesses operating in the medical, health and pharmaceutical industries - where cyber attackers are already claiming vaccine formulas in return for cryptocurrencies such as Bitcoin.
Attacking the vulnerable
Alexander Eremin, an expert at international cyber security firm Kaspersky, says cybercriminals have, for months, attempted to take advantage of the coronavirus crisis by launching phishing attacks and creating coronavirus-themed malware.
"We encourage Android users to be particularly vigilant at this time - pop-ups, unfamiliar webpages, and spontaneous messages about coronavirus should always be viewed skeptically," warns Eremin.
He suggests only downloading apps from official stores. Don't click on suspicious links and never give away sensitive information, such as passwords or credit card information.
READ | SA now ranks 3rd in the world for economic crimes - PwC
'Keys to the cabinet'
Louis Aucamp, managing director at Equality Group and an intuit QuickBooks trainer, cyber attacks are set to increase as much as tenfold in SA as people work from home.
"Businesses also need to protect themselves from the 'inside' by creating varying levels of access to their data," he warns. "This is not unlike giving certain staff members keys to the payroll cabinet in years gone by."
Richard Rattue, MD of Compli-Serve SA, says it is vital for businesses to keep their cyber security systems up to date.
"Cyber criminals are clever and may penetrate your defences despite your best efforts.
READ | OPINION: Ransomware is targeting government departments for your data. Can you be protected?
"The IBM 2019 Cost of Data Breach Report surveyed 21 businesses in SA and the average total cost of managing a data breach was found to be R43.3 milion."
The South African Banking Risk information Centre (Sabric) estimates that SA businesses suffer a total of about R250 million in losses each year due to phising attacks and internet fraud.
Fewer defences
Henda Edwardes, executive head of carrier and connectivity at Vox, says it is a given that people working from home have fewer security defences in their home network than they would have in the office.
"Coupled with the stressful times and possibly more distractions at home than usual, it creates a situation where employees are (more) likely to fall for malicious scams and hoaxes," sayd Edwardes.
"Also, with more children at home now using streaming services and video games, the home network is further compromised."
Heino Gevers, cybersecurity specialist at Mimecast, says experience has shown that there is a general escalation in cyber criminals' activity during times of distruption.
"Already, malicious criminals are spreading disinformation with the sole purpose of creating panic. Once panic sets in, rational thought goes out the window and that creates gaps that cyber criminals exploit," he says.
"Suddenly there is an increase in false specials and sales for in-demand products like face masks that are being promoted online, for instance."
He says the web is used in 91% of malware attacks. It is also the top distraction for employees in the current situation.
Trusted sources?
According to Elizabeth Moreno, managing director of HP Africa, a KnowB4 survey in African countries, including South Africa, found that 53% of respondents think that trusting emails from people they know, is good enough to preclude them from security threats.
About 28% of respondents said they had malware infections and 52% don't know what multi-factor authentication is, while 64% don't know what ransomware is. About 55% said they believe they would be able to easily identify a security threat.
Simon Colman, executive head of digital at SHA, says high volume of traffic during the current remote working situation, may lead to some companies easing up on some security requirements, exposing the network to external threats.
Staying safe
Tips to minimise risk include the following:
Ensure that all employee laptops have up-to-date anti-virus software and that all systems, including emails and USB ports, are enabled in order to be scanned;Ensure that the relevant virtual private network (VPN) software is enabled and/or two factor authentication (2FA) is implemented. This is a multi-factor authentication method needed to access a computer;Where possible, ensure that hard disk encryption with maximum password requirements are applicable;Ensure that the remote work security policies are the same as working on the network in the office;Deploy collaboration software on laptops ahead of time and advise staff against downloading and/or configuring software independently or via instructions;Remind staff to change their passwords as per the password policy and do not allow for an extension of the period for password changes;Remind staff not to open any suspicious emails or emails from unknown sources at this time;Stay clear of transacting on sites that do not have the https: in the URL. The S at the end of HTTP, means that the site offers some security;Install browser protection to prevent staff from accessing unauthorised or dodgy websites;Set up strong junk mail filters;Make regular, different backups;Follow up on notifications of data changes or log-ins;Never share your password(s) with anyone and change them often;Remember, prevention is better than cure.
Get a daily dose of International Technology news through our daily email, its complimentary and keeps you fully up to date with world and business news as well.
Publish news of your business, community or sports group, personnel appointments, major event and more by submitting a news release to International Technology.
More InformationNew Delhi [India], June 20 (ANI): The Bharat Sanchar Nigam Limited (BSNL) has announced the soft launch of BSNL Quantum 5G FWA (Fixed...
XI'AN, June 20 (Xinhua) -- The rhythmic clatter of wheels on rail tracks echoed the fading tinkle of camel bells, heralding a renaissance...
Strengthening ties with African nations remains one of Moscows key priorities, the Russian president has reiterated Russian President...
London [UK], June 20 (ANI): A Chinese student who drugged and raped women in the UK and China was sentenced to life in prison on Thursday,...
New Delhi [India], June 19 (ANI): India and Croatia signed four Memorandum of Understanding (MOUs), which includes MoU on Agricultural...
New Delhi [India], June 19 (ANI): Aam Aadmi Party (AAP) on Thursday said 'red-tapism is back', 'corruption is thriving' and Delhi's...
MENLO PARK, California: Meta Platforms has made a bold move to accelerate its artificial intelligence ambitions—by investing US$14.3...
MOUNTAIN VIEW, California: On June 12, Google announced that it had fixed a temporary global service disruption that impacted several...
In Nepal's latest attempt to silence online speech, police are trying to arrest a well-known journalist who published on his YouTube...
Ujjain (Madhya Pradesh) [India], June 21 (ANI): Ujjain Police have taken major action against cybercriminals targeting devotees of...
Chandigarh [India], June 21 (ANI): Union Education Minister Dharmendra Pradhan on Saturday emphasised the importance of yoga on the...
Turbat [Pakistan], June 21 (ANI): Activists from the Baloch Yakjehti Committee (BYC) are on a hunger strike in Turbat, Pakistan, protesting...