Is your business safe from the ever-changing nature of cybercrime?

BY TAI CHISHAKWE - JULY 1, 2016

Perhaps the biggest frustration with cybercrime is that, often, by the time businesses realise that they have been hacked, the criminals would have already siphoned out huge amounts of money or sensitive data for auctioning off in online black-markets as well as leaving behind damage that will be hard or costly to repair. And South African companies, big and small, are the prime targets on the African continent.

“Cyberattacks occur every minute of every day, and a single attack could involve a victim in the Eastern Cape, and simultaneously another victim in Canada for that matter,” says Dominique September, Regional Manager at Mars Technologies.

“For the most part though, the real threat locally usually comes from within our borders, or from very close neighbours. I say the ‘real’ threat because many times these things are investigated or traced, and reach a dead-end on a server residing in Albania. This does not mean the individuals controlling that server are not from South Africa.

“The criminal elements being local, also understand the economic climate in our country, the conditions under which these Eastern Cape-based businesses operate and know how to reel such victims in by appealing to their desperation to grow and survive, and ultimately, their greed.”

Besides educating clients on cybercrime trends, Mars Technologies’ MSP offers businesses a scalable and cost-effective solution to address a number of factors ranging from end-user support to enterprise-wide proactive monitoring and protection. SpamBox, their anti-spam gateway service, filters all mail before it reaches your organisation to minimise the threat of spam and malware

According to Andre Rossouw, at Webster Rossouw & Associates, probably the common method that cybercriminals use is to impersonate financial institutions or email providers requesting verification of details.

“This usually leads the victim to an online form where they can input their credentials to supposedly verify their account or service. This is actually used to harvest the credentials and gain unauthorised access to the applicable service,” he describes.

“Another infamous and increasingly common method is the use of ransomware, where the attacker, by means of malicious software, locks the user out of their files, computer or network resources. The goal is to extort payment for the digital keys required to unlock the resources. If no payment is made, the data is lost unless it can be recovered from backup. Email attachments with malicious payloads are the usual entry points for these attacks.”

Rossouw says another common tactic is where cybercriminals impersonate a senior staff member or manager within an organisation, or a vendor of an organisation, and use social engineering tactics to defraud the organisation or extract data.

“These are targeted and typically sophisticated; the attacker knows what they are after and the ‘who is who’ within the organisation, addressing correspondence to the correct people, including forged signatures, etc. The necessary information is gathered from public resources – web sites, blog posts, contact forms, social media, trade information, etc. A junior staff member is often targeted, being sent a request from a senior ‘staff member’, who is being impersonated, to make an urgent payment in order to avoid a company disaster or to secure a large business deal. Believing the request to be a legitimate instruction from a senior or manager, the payment is made.”

Webster Rossouw & Associates helps businesses keep cyber threats at bay by providing necessary hardware, software and support services including training on new cybercrime trends.

But why do the criminals go through all that trouble? Pat Venketash, Owner & Systems Architect at eMediaIT, says; “More often than not it is about profit so getting confidential information such as bank account details, internet banking and other usernames and password or simply having payments made for bogus causes or in the case of ransomware in the hope of getting your data back (which is most certainly not guaranteed and not recommended). It can also simply be malicious, i.e. infections that look to spread and do as much damage as possible simply to see if they can.”

eMediaIT’s cybersecurity solutions include a FREE analysis of your entire IT infrastructure; general and end-point security; email security, archiving, risk and compliance, business continuity and email availability solutions as well as overall network and IT design, implementation and support services.

So what can any business easily do to minimise the chances of it becoming a victim of cybercrime? Braddon McCleland from Network Associates says; “Never open email attachments from a sender that you don’t know, even if it looks legitimate. Make daily backups of your data, off-site or in the cloud. Ensure sensitive documents, spreadsheets and information are password protected. Review company logon security and user access rights and use Corporate/Business grade Anti-Virus and malware protection software.”

Network Associates offers a three-layered defence against cyberattacks involving hardware firewalls; managed anti-virus software and training for your staff on how to safely interact with email and websites.