Vienna - Threats to our cyber security are constantly evolving and are becoming ever more sophisticated as our homes and cities become smarter and internet technology winds itself through every area of our lives.
And as our technological world grows, so too, do the threats against us with year-on-year figures for cybercrime constantly increasing.
There were about 476 million attacks globally in 2016, compared to 224 million in 2015. In the first quarter of 2017 there were 2,26 billion cyber threats.
South Africa is no exception to this worldwide trend, although we are still behind compared to many other countries in Africa, the Middle East and Turkey (known as the META region).
In South Africa 42.8% of internet users were affected by local threats and 12.9% by online threats.
This is according to global cyber security company Kaspersky Lab, which protects over 400 million users. The company indicated that in January to March 2017, the highest numbers of web threat incidents were reported in Algeria (38.1%), Tunisia (32.4%) and Morocco (26.1%), followed by Egypt (23.5%).
In the Middle East the countries experiencing most threats were Qatar (29.7%), Saudi Arabia (24.2%), and the United Arab Emirates (23.6%). South Africa had some of the lowest numbers of affected users in the META region (46.8% for local and 12.9% for web threats). In Turkey 18.8% were affected by web threats and 47.1% by incidents related to local threats.
Cyber criminals mainly have one aim, and that is to steal as much money as they can.
At a conference held in Vienna this week, Kaspersky Lab gave an overview of the global and regional cyberthreats and security trends facing the META region.
“In the first quarter of 2017 we saw threat actors turning their attention to wipers, as well as financial crime. Fileless malware has been used in attacks by both targeted threat actors and cybercriminals in general – helping them to avoid detection and make forensic investigations harder,” said Ghareeb Saad, senior security researcher, Global Research & Analysis Team at Kaspersky Lab.
Beware - your system could be held to ransom
At the end of the day cyber criminals are interested in one main thing and that is how to steal your money. Saad indicated the way they are doing that changes with the evolution of technology. The attacks they see increasing currently are in the area of ransomware, where systems are disabled and victims are asked to pay a ransom to get it back.
There were over two times more banking Trojans (121% increase compared to the same period in 2016) as well as threats to mobile phones.
“There were over 6 million ransomware attacks in 2017 so far compared to 3 million in 2016,” Saad said. He also said criminals are aware that mobile phones contain more information on them than computers.
“A mobile phone can give them access to sms messages, your business email, business contacts, personal photos, GPS coordinates, banking details, calendar and installed apps.”
Connected cars, cities and homes also create a ground where criminals can steal your data.
Saad also indicated an area they are looking at is drone security. A mega-drone has been invented which is expected to be launched as a self-flying taxi in Dubai this summer, he said.
Look out for fake Facebook accounts
Social networks are also an easy target for criminals where people are not as safe as they should be, accepting friend requests from strangers on Facebook and clicking on unsafe links posted on Twitter.
Saad indicated that fake Facebook accounts often look real, with many pictures, friends and posts. But then they post things like “see how many people are viewing your profile” with a link to it and it’s malware.
“Don’t accept friend requests from people you don’t know, and don’t click on sites you don’t know,” Saad said, adding that this is one easy way to protect yourself from this type of danger.
Ransomware is a concerning area and Saad indicated that these attacks are becoming more sophisticated.
He described the case of a hotel whose network was hacked and the key cards to access rooms stopped working. There were 500 guests at the hotel.
“The hotel is told to pay a ransom to get it working again and they pay,” he said, saying this could happen to any business.
The attacks will also concentrate on individuals. He described a family whose six-year-old was diagnosed with cancer. They were told they had three years left with him, so the family spent as much time with him as they could and travelled the world. All their memories of this time, their photos and videos, were blocked from them and they were asked to pay to access them again.
“Prevention is better than cure. Back up important data and files. Keep your software updated and use strong security software,” he said.
The same can happen with smart devices inside our homes and cities.
Smart devices in the home also a risk
A smart coffee machine, refrigerator, TV, camera, shower, thermostat and security system can all be hacked. Denis Makrushin, a senior security researcher at Kaspersky Lab, said these devices often don’t need passwords and a great deal of sensitive information can be extracted from them, like your wifi password, or they can be used to spy on people.
In cities where street or road cameras have Bluetooth or internet connection data can be extracted from them, and if a criminal wants to he can probably remove his own number plate from a system, rendering him a ghost on the road.
Machines like transport pay centres or cinema pay points contain users' banking information and they are easy to compromise, Makrushin said.
* Angelique Serrao is in Vienna for the Cyber Security conference as a guest of Kaspersky Lab.