SA hit by longest running cyber attack campaign in July - report

In July this year South Africa experienced the longest running cyber-attack campaign among all the regions monitored by email and data security company Mimecast for its quarterly Threat Intelligence Report.

Four major cyber-attack campaigns were detected in South Africa between July and September. The systems of several financial services companies suffered the brunt of the impact of these cyber-attacks.

Mimecast detected more than 116 000 attacks in SA over an eight-day period in July by an unknown "threat actor or advanced criminal group". Various malware types were used in the process, including a range of generic Trojan viruses.

Mimecast's Threat Intelligence Report: Risk and Resilience Insights, released on Wednesday, provides a technical analysis of the nature of cyberattack campaigns on businesses in several key markets, including the US, UK, Australia, Germany, and South Africa.

The report includes an analysis of 207 billion emails processed, 99 billion of which were rejected. The goal of the report is to keep organisations informed on the threats that are targeting their industries.

Impersonation attacks are on the rise, the research found, accounting for 26% of total detections. These kinds of attacks now include so-called "voice phishing" (vishing). This is an advanced attack using social engineering to gain access to personal and financial information via the victim's telephone system.

Top sectors targeted globally from July to September were transportation, storage and delivery, banking and legal.

According to Josh Douglas, vice president of threat intelligence at Mimecast, the latest research found that the majority of threats were simple, sheer volume based. This is because they are easy to launch and get employees to click on malicious links.

Multinational cybersecurity company Kaspersky Lab said on Wednesday its research on Advanced Persistent Threats (APTs) points to a change to be expected in coming months.

'The bar has been raised'

The overall trend indicates that threats will grow in sophistication and become more targeted.

According to Kaspersky, after a number of personal data leaks that happened in the past years, the number of personal details available made it easier for attackers to perform targeted attacks, based on victims leaked info.

"The bar has been raised, and in 2020 the threat actors will dive deeper, hunting for more sensitive leaks, such as biometric data," states Kaspersky.

Key technologies, which could lure victims of personal data abuse into traps, include publicly discussed video and audio "deep fakes".

Other targeted threat predictions for 2020 include "false flag" attacks reaching a new level with attackers seeking to lay the blame on someone else, and ransomware shifts toward targeted threats.

Instead of making files unrecoverable, threat actors could threaten to publish data they stole from a company.

ZAR/USD
16.89
(-0.10)
ZAR/GBP
21.36
(-0.08)
ZAR/EUR
19.22
(-0.17)
ZAR/AUD
11.82
(+0.01)
ZAR/JPY
0.16
(+0.05)
Gold
1810.74
(+0.15)
Silver
18.79
(+0.62)
Platinum
852.00
(+0.53)
Brent Crude
43.32
(+0.49)
Palladium
1920.00
(+0.83)
All Share
55870.69
(+1.13)
Top 40
51558.75
(+1.25)
Financial 15
10275.29
(+1.87)
Industrial 25
77503.35
(+0.84)
Resource 10
52793.47
(+1.49)
All JSE data delayed by at least 15 minutes morningstar logo
Company Snapshot
Voting Booth
Please select an option Oops! Something went wrong, please try again later.
Results
I'm not really directly affected
18% - 1790 votes
I am taking a hit, but should be able to recover in the next year
23% - 2346 votes
My finances have been devastated
35% - 3515 votes
It's still too early to know what the full effect will be
25% - 2526 votes
Vote