“Cybercrime is a global problem, and it is the country costing hundreds of millions of rand annually. What needs to happen, is that organisation urgently need to collaborate with private entities and the public on cyber threat initiatives,” said Wolfpack Information Risk’s Craig Rosewarne at the Cybercon Africa conference taking place in Johannesburg today.
Cybercrime is a worldwide problem, costing countries and organisations a small fortune every year. But what can be done about the ever-growing issue – and urgently?
Rosewarne is of the opinion that organisations are only reacting to threats and intrusions, but should be taking on a more proactive stance against it.
“We are in the reactive stage right now, as we are still trying to get around the breaches and figure out how they work. Ideally where we would like to be, is in the proactive side so that we can prevent them before they happen.”
Simon Mullis, from security firm FireEye, used the example of a study done in Sweden where it wanted to determine if the Nordic country was on par with cyber threats and attacks from across the world. What FireEye discovered was rather shocking: the medium number of days from a company being breached until the threat was detected was 229 days. And once the threat was detected, it took the infected organisation around 32 days to resolve the matter.
“What is also scary, is that 67% of the organisations in the study that were breached were alerted to the breach by an external party. The majority was zero-day exploits, as 100% of the victims had up-to-date anti-virus and firewalls in place,” Mullis explained.
Without driving fear into organisations, he explained that some infected websites make use of files that individually are not malicious, but once they set its chain reaction into motion, become very dangerous.
He also highlighted the importance for enterprise networks to update to better protection, as criminals won’t waste a perfectly good zero-day exploit if they can enter through other means.
“Legacy crimeware is endemic – it remains largely undetected in enterprise networks. If I can send weaponised PDF to your office, why would I waste a zero-day exploit? All these are events in the long terms campaign.”
How big is cybercrime in South Africa?
According to McAfee’s Trevor Coetzee, cybercrime in South Africa is a multi-billion rand industry.
“If cybercrime was a nation, it would have been 27th biggest in terms of GDP, and cost the global economy $445 billion a year. In South Africa, cybercrime has an economic impacts equal to 0.14% of the national GDP – about R5.8 billion a year.”
With those figures, Coetzee stresses that stopping cybercrime could potentially and positively impact the South African economy, as the annual loss to the US economy is over $100 billion, costing it around 200 000 jobs.
The threat is ever-growing – as more people in Africa are connected to the internet every day, the bigger the risk to becoming infected.
“As the internet is used for more commercial purposes, so too will cybercrime grow. That is the same for Africa – as more people are connected to the internet in Africa, the more people can fall victim to attacks.”
But the true impact of cybercrime in South Africa is very hard to gauge effectively, as the full picture will only be revealed once POPI comes into play. Only then, will organisations be compelled to disclose when a breach occurred.
“Organisations are not regulated to disclose attacks and hacks, so it is very difficult to accurately estimate the impact of breaches in SA. There needs to be a regulator with teeth, and it will be up to POPI for companies to disclose when they have been breached.”[Image – Shutterstock]