Ransomware attacks rise at an alarming rate

play article
Subscribers can listen to this article
attackers insert malware that remains undetectable for a long time, which helps them gain control of a computer system. Photo: iStock
attackers insert malware that remains undetectable for a long time, which helps them gain control of a computer system. Photo: iStock


There were 93% more ransomware attacks worldwide in the first half of this year than in the first six months of last year.

A half-yearly report from Check Point Software Technologies shows that 29% more organisations have been victims of cybercrime.

In the US, an average of 443 cyberattacks occurred per week. In Europe, the Middle East and Africa, there were an average of 777 cyberattacks per week, and in the Asia-Pacific region, there were 1 338 attacks a week.

In addition to ransomware attacks, incidents of advanced persistent threats (APTs) have also increased sharply. APTs are cyberattacks that occur over a long period of time.

The attackers try to act without being detected so that they can steal key information and monitor users’ movements for as long as possible, says David Emm, a cybersecurity specialist at cybersecurity company Kaspersky.

“They use highly sophisticated software that is often designed specifically for a specific cyber attack.”

Kaspersky says in its latest report on cyber threats that there was a sharp increase in attacks on Microsoft Exchange systems in the second quarter of the year.

Cyber scams targeting individuals

Cybercriminals have not only large systems, but also individuals in their sights.

Scammers have recently started building websites that give unsuspecting victims the “opportunity” to buy products that they never receive. The websites are set up as a kind of lottery, where people can bid on the basis of the weight of the package. It’s really just another way to scam money out of victims.

Another scam is WhatsApp messages sent to victims announcing that they have won big prizes. To receive the prize, they must first pay a certain amount of money.

Scammers also exploited the debate over WhatsApp’s privacy policy by luring people to a fake Facebook profile where their personal information was eventually stolen.

Fake WhatsApp messages are also distributed with links to apps that download malware on victims’ devices.

“One such APT operator is GhostEmperor, which targets high-profile victims. This may include government entities and telecommunications companies in particular.”

APT attacks require effort and are usually carried out by organised cybercrime groups sponsored by nation states.

They target large corporations or critical infrastructure, but that does not mean smaller organisations are safe. The attackers use smaller entities as a way of gaining access to large organisations, says Emm.

APT attackers insert malware that remains undetectable for a long time, which helps them gain control of a computer system.

The intruder can also rewrite codes or delete them altogether so that the attackers can clear their tracks.

APT attacks are not random; the attackers have researched their victims well in advance and are usually looking for extremely sensitive information such as patents, financial data or military plans, says Emm.

The Check Point report mentions some incidents of APT operations:

. An APT attacker with Lebanese ties broke into about 250 servers in the US, the UK, Lebanon and Israel in February and stole data;

. An attacker named Lazarus, possibly based in North Korea, spied on researchers from other countries in February; and

. An APT group with Russian ties has targeted several organisations in the US, the US’s National Security Agency (NSA), the FBI and the Cybersecurity and Infrastructure Security Agency recently warned.

The cyberattack on Transnet at the end of last month was a wake-up call for the South African government that such crime poses an increasing threat to state institutions. Experts said the security of systems and servers urgently need to be strengthened.

Transnet is keeping mum on the nature of the cyberattack, but ransomware was allegedly used to shut down its computer systems and paralyse operations at ports across the country for more than a week.

They use highly sophisticated software that is often designed specifically for a specific cyber attack.
cybersecurity specialist David Emm

About the same time as Transnet’s attack, Macsteel, one of the country’s largest steel manufacturers, experienced a similar cyberattack, said Manie van Schalkwyk, CEO of the Southern African Fraud Prevention Service.

With the outbreak of the Covid-19 pandemic, the world’s operations have increasingly moved online – and so has crime. The world is no longer dealing with white-collar and blue-collar crimes, it is also dealing with cybercrime, which is a lot harder to stop and – perhaps more importantly – harder to prosecute.


Delivering the 

news you need

+27 11 713 9001
69 Kingsway Rd, Auckland Park

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For only R75 per month, you have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today.
Subscribe to News24


Read the digital editions of City Press here.
Read now
Voting Booth
President Cyril Ramaphosa has praised outgoing Chief Justice Mogoeng Mogoeng for his outstanding leadership and service. Do you agree?
Please select an option Oops! Something went wrong, please try again later.
He served well.
63% - 175 votes
He was too controversial
37% - 103 votes