From fake links for online meetings to drones - SA businesses warned of cyberattacks

accreditation
0:00
play article
Subscribers can listen to this article
In South Africa, more than 1.2 million user accounts were stolen this way from 2021 to 2022.
In South Africa, more than 1.2 million user accounts were stolen this way from 2021 to 2022.
Getty Images
  • South Africa can expect a record number of disruptive cyberattacks in 2023, similar to the attack on Transnet's operations earlier this year, warns global cybersecurity company Kaspersky.
  • Apart from government data, Kaspersky expects targets will be organisations in agriculture, logistics and transportation, energy - the mining, chemical, and machine tool sectors, as well as renewable energy and hi-tech.
  • Kaspersky data shows that phishing in SA is still one of the most pervasive attack methods.
  • For more stories, go to the News24 Business front page.

Next year is likely to see a record number of disruptive and destructive cyberattacks, hitting government and critical industries, including in South Africa, warns David Emm, principal security researcher at global cybersecurity company Kaspersky.

"Just consider the impact the Transnet attack had on the country's economy to have an idea of the potential for disruption that these destructive attacks can have on SA," Emm told News24. 

"There will also be high-profile cyberattacks against civilian infrastructure. Energy grids or public broadcasting may also become targets, as well as underwater cables and fibre distribution hubs, which are challenging to defend." 

Kaspersky data shows that in SA, phishing is still one of the most pervasive attack methods. Common scenarios include fake business correspondence from partners, fake links for online meetings or documents, and even still, Covid-19-related emails.

Emm regards ATPs (advanced persistent threats) as one of the biggest cyber challenges SA will face next year. ATPs are when intruders access a network and remain undetected for a long time. 

These are the most sophisticated cyberattacks, and Africa is increasingly the focus region. 

This method has already been used to target telecommunications companies, government data, and even non-profit organisations.

Kaspersky expects targets will be organisations in agriculture, logistics and transportation, energy - the mining, chemical, and machine tool sectors, as well as renewable energy and hi-tech. 

Another big threat for SA is dark web markets gaining access to corporate data.

"The average price on dark web markets and forums for access to corporate infrastructure in Africa is $2 100. This is well below the $4 000 global average. SA businesses need to find more effective ways of strengthening their cybersecurity footprint and harden data access defences," says Emm.

Additionally, access can be gained by infecting user devices with a data stealer. Data gets stolen while users continue to work on their devices. Then the stolen data is transferred to command-and-control servers and packed in files, which are then published on dark web forums and put on sale. 

In SA, more than 1.2 million user accounts were stolen this way from 2021 to 2022.

A third threat is attacks targeting the industrial control systems (ICS) environment, which are growing in severity. ICS computers are used in oil and gas, energy, automotive manufacturing, building automation infrastructures, and other sectors to perform various operational functions.

Attacks on these computers are extremely dangerous as they may cause material losses and production downtime.

Kaspersky expects a rise in ransomware attacks in the ICS environment in 2023.

In SA, various malicious objects were blocked on 36.1% of ICS computers from January to September this year. Of these, 14.6% came from the internet.  

"South African companies should also be aware of the potential for attackers mixing physical and cyber intrusions. For example, using modified drones to 'collect' wireless credentials or even dropping malicious USB keys in restricted areas in the hope that an employee will plug them into a machine," says Emm.

Tomas Smalakys, chief technology officer at encryption company NordLocker, expects fileless malware will pose serious concerns next year. This is because fileless malware does not require its victim to download files. It is practically undetectable by most information security tools. 

This type of malicious software exploits vulnerabilities in already downloaded, well-known, and trusted applications, leaving no trace on the computer's memory. "Employees will be the weakest link in corporate cybersecurity. The human factor is the culprit behind more than 80% of cyberattacks," says Smalakys.

Karen Rimmer, head of distribution at PSG Insure, says the prevalence and scale of recent cyberattacks on businesses of all sizes have made adequate cyber liability cover a vital component.

"Cybercriminals are becoming increasingly sophisticated, which is why businesses need robust cybersecurity policies. Prevention should be your first line of defence, but if a cyberattack cannot be avoided, having the backing of cyber liability insurance can help your business to recover as quickly and cost efficiently as possible," says Rimmer.

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For 14 free days, you can have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today. Thereafter you will be billed R75 per month. You can cancel anytime and if you cancel within 14 days you won't be billed. 
Subscribe to News24
Rand - Dollar
17.21
-0.1%
Rand - Pound
21.32
+0.1%
Rand - Euro
18.70
+0.1%
Rand - Aus dollar
12.24
-0.0%
Rand - Yen
0.13
-0.4%
Platinum
1,016.00
+1.2%
Palladium
1,617.34
-3.0%
Gold
1,929.54
+0.0%
Silver
23.58
-1.4%
Brent Crude
87.47
+1.5%
Top 40
74,766
+0.4%
All Share
80,791
+0.4%
Resource 10
77,871
-0.4%
Industrial 25
103,872
+0.7%
Financial 15
16,281
+0.6%
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot
Editorial feedback and complaints

Contact the public editor with feedback for our journalists, complaints, queries or suggestions about articles on News24.

LEARN MORE
Government tenders

Find public sector tender opportunities in South Africa here.

Government tenders
This portal provides access to information on all tenders made by all public sector organisations in all spheres of government.
Browse tenders