If you think online security is something you shouldn’t bother with, consider this stat: 7% of all organisations in South Africa were hacked in the last year.
These aren’t random attacks, but rather companies that were specifically targeted. To make matters worse, there has been a 67% increase in the number of ransomware, and an increase of 15% in the number of cyber-related incidents.
For a good example of just how devious cyber criminals can be, internet security company Kaspersky discovered ‘Equation’, an online piece of software whose main use is cyber-espionage, surveillance and data theft.
Operations by unknown individuals using this nasty tool started somewhere between 1996 and 2001. Equation’s functionality allows it to infect a hard drive’s firmware for the purpose of spying. As most tech-savvy people know, there is no recovering from that, as the firmware isn’t something that can be cleaned or disinfected.
Luckily South Africa has had a fairly low Equation infection rate to date, but what makes this software particularly gruesome, is that it has the ability to infect almost all devices – including Mac computers.
Kaspersky Lab called Equation the “mother of all Advanced persistent threats (APTs)” for its intense use of zero-day exploits.
So how does that effect the rest of us? Well, cyber criminals on many occasions have abandoned attacking targets directly, instead choosing to go through a third-party – like you.
Instead of attacking a bank head-on, criminals have in the past as an example, attacked a company that works closely with the financial institution’s budget or procurement department – like suppliers, cleaners or auditing firms.
On many occasions social engineering and phishing played a huge role. Spoofing the credentials (such as in emails) of a third-party and asking for something banking related (like a forgotten username/password) for adding inventory to the bank’s records, it’s easy-peasy to get into the bank itself.
A case study of this revolves round Carbanak, an organised crime group who managed to breach over 100 banks, making off with between $2.5 million and $10 million per bank.
The trick was rather simple; instead of hacking directly into the bank’s website and transferring the money to somewhere else, the group used a combination of technology and old-school know-how. They hacked into the banks’ ATMs, causing them to dispense money. Somebody on the crew stood next to the ATM, collecting the money being spat out, and then casually walked away.
From there, the money was transferred to money mules in China, and disappeared forever.
The attacks became so nasty, that the hackers were able to change registration data of shareholders in its depository – effectively taking over the bank from within and cashing out.
“The plot marks the beginning of a new stage in the evolution of cybercriminal activity, where malicious users steal money directly from banks, and avoid targeting end users. The largest sums were grabbed by hacking into banks and stealing up to ten million dollars in each raid,” Kaspersky Lab explained.
The most frightening aspect about all of this is the lack of preventive measures available. There’s very little people can do to guard themselves against attacks of this type. If there is a will, a hacker will find a way.
“There is no silver bullet to attacks, and this will push IT insurance going forward,” Kaspersky Lab explained to htxt. “Mistakes often lead to large compromises, which is why you need a multi-layered defence.”
Speaking of IT insurance, the concept is fairly new in South Africa and works the same way traditional insurance would – if something virtually happens to your company, you can claim against it.
Premiums are actually very affordable, as you will be able to buy $1 million in coverage for only $1 500 per month. That would cover anything from a system recover after being breached, to helping you fend off lawsuits after a data leak.
So once again, here is a stat for you: there are over 1 200 comprised IP addresses hosting phishing sites in South Africa, and almost 300 000 worldwide.
In South Africa for only the month of April, 429 new phishing kits were analysed by various IT security companies and 6 575 distinct phishing URLS were added to watch lists.
Isn’t it about time that everybody started to take their personal security online a little bit more seriously?[Image – CC by 2.0/brownpau]