July 25, 2022

Is your business an easy target for cyber extortion?

Cyber extortion continues to be a major cyber security risk for enterprises. IT leaders need to ensure their businesses don’t become an easy target for ransomware attacks. In terms of cyber threats, South Africa is one of the most targeted countries in Africa. Ransomware is among the top five threats to cyber security.

Cyber crime is profitable and attackers are always using new and ingenious ways to hack into organisations and target unsuspecting employees. With this evolving threat landscape, enterprises need to update their cyber security strategy to ensure that their business networks are protected.

Without a strong approach to cyber security, businesses drastically increase the likelihood of ransomware attacks. Just one employee needs to click on a malicious link or download an infected attachment and the whole network can be affected.

Endpoints are an easy target for cyber extortion

In light of the increased levels of cyber crime activity in South Africa, tech leaders need to conduct regular assessments to evaluate their level of cyber resilience. This self-assessment should start with the basics: passwords, login procedures and cyber security awareness training.

Weak passwords and compromised credentials are an easy target for cyber criminals looking to profit from cyber extortion. The growing number of endpoints, such as employee laptops and other internet-enabled devices, leaves businesses highly vulnerable to attack.

There are a number of ways South African businesses can upgrade their endpoint security. Endpoint detection and response (EDR) software collects data from all endpoints. These tools proactively defend business networks by detecting and blocking any malicious activity to avert attempted attacks.

More and more, identity detection and response (IDR) software is being used by enterprises to monitor behaviour and detect any suspicious activity related to credentials and logins. SEACOM Business offers endpoint protection using automated tools to prevent and detect the early stages of cyber extortion.

Cyber criminals target gaps in cyber security

Businesses using a range of cyber security tools often inadvertently make themselves more vulnerable to extortion. Without a holistic approach to security, attackers exploit the gaps where one security tool doesn’t communicate with another. The use of separate vendors means that IT teams cannot get a complete picture of what is happening on the network. Attackers may infiltrate the network via a compromised email and spread laterally to other parts of the network.

A reliance on legacy technology means that businesses are not keeping up to date with current trends in cyber security. Enterprises need a solution that covers the entire network, including all endpoints, applications and third-party software. With SEACOM Business, enterprises benefit from a cloud-based cyber security solution that taps into global threat intelligence and machine learning to ensure that even new types of attacks can be detected and averted.

Attackers leverage a reliance on digital

In the last couple of years, we have all witnessed a rapid shift to digital. Individuals and businesses are expanding their digital presence and we are increasingly reliant on digital platforms. Knowing that enterprises want to protect their valuable digital assets, attackers use this to hold businesses to ransom.

It is estimated that around 60% of South African companies fell victim to a ransomware attack in 2021. The bigger the enterprise, the higher the potential profits for cyber criminals. However, ransomware doesn’t only target big companies. SMEs don’t have the same security budgets, which makes it easy for attackers to find a way to extort these firms. Attention to and investment in cyber security tools are essential for businesses of all sizes given the current threat landscape.

South Africa’s public sector and cyber extortion

South Africa’s public sector has been identified as an attractive target for cyber extortion. In general, finance and telecommunications industries take cyber security seriously and invest in the right tools to protect themselves from ransomware and other types of cyber attack.

Governments and educational institutions, on the other hand, do not exhibit the same level of cyber resilience. In a recent survey, it was found that only 34% of these public sector institutions considered themselves prepared for a cyber extortion attack.

South Africa’s state-owned logistics company, Transnet, became the target for cyber extortion in July 2021. Later in the same year, two government agencies in Pretoria fell victim to a ransomware attack: the South African Space Agency and the South African Department of Justice. Thanks to their robust cyber security measures, the University of Mpumalanga averted an extortion attempt in 2021. University officials say they could have lost R100 million if they didn’t have the right security tools and protocols in place.

The cyber vulnerability of South Africa’s public sector is echoed across the globe. Cyber crime research revealed that almost 70% of government organisations surveyed were victims to one or more attacks in 2021. There has been a worldwide increased number of attacks on local governments and the public sector.

Dealing with cyber extortion

Using ransomware as a service has become a viable business model for cyber criminals. Attacks have become more sophisticated and cyber gangs are highly organised. Cyber extortion is not going away so businesses need a strong handed approach to cyber security.

Strong cyber protection limits the impact of incidents. Being able to automatically respond to and contain a virus requires intelligent security tools. Detecting advanced social engineering, such as account takeovers and phishing attempts, are essential for enterprises that rely on their digital infrastructure for all their business operations. Without advanced protection, businesses are an easy target for cyber extortion.

SEACOM Business works with South African enterprises to develop a cyber security strategy that suits their size and requirements. Based on zero-trust architecture, our cloud-based solutions give businesses complete protection. Automated detection and response tools mean that businesses are able to quickly respond to threats should they arise. For more information or to get a quote for advanced cyber security solutions, email us at marketing@seacom.com or leave us a message.

SEACOM owns Africa’s most extensive network of information and communications technology (ICT) infrastructure, including subsea cables and secure internet connections. We offer a diverse range of flexible, scalable and high-quality solutions for businesses that meet world-class standards for connectivity.

SEACOM is privately owned and operated, making it agile and adaptable to the needs of the customer. This makes us the preferred ICT and internet connectivity partner for African businesses and peripheral service providers. We can guarantee high-speed, low-latency and secure internet connections to corporates and small enterprises.

For‌ ‌more‌ ‌information‌ ‌on‌ our internet and voice solutions, ‌follow‌ ‌us‌ ‌on‌ ‌‌LinkedIn‌,‌ ‌‌Facebook‌ ‌or‌ ‌‌Twitter.‌ ‌Keep‌ ‌an‌ ‌eye‌ ‌on‌ ‌our‌ ‌‌news‌ ‌section‌‌ ‌for‌ ‌insightful‌ ‌articles‌ and relevant news stories on African ICT, internet connectivity and our leading cloud and security solutions.

Need internet for your home? Our subsidiary, WonderNet, brings fast and cost-effective broadband internet to all Africans with a fibre-to-the-home offering.