SA hit by longest running cyber attack campaign in July - report


In July this year South Africa experienced the longest running cyber-attack campaign among all the regions monitored by email and data security company Mimecast for its quarterly Threat Intelligence Report.

Four major cyber-attack campaigns were detected in South Africa between July and September. The systems of several financial services companies suffered the brunt of the impact of these cyber-attacks.

Mimecast detected more than 116 000 attacks in SA over an eight-day period in July by an unknown "threat actor or advanced criminal group". Various malware types were used in the process, including a range of generic Trojan viruses.

Mimecast's Threat Intelligence Report: Risk and Resilience Insights, released on Wednesday, provides a technical analysis of the nature of cyberattack campaigns on businesses in several key markets, including the US, UK, Australia, Germany, and South Africa.

The report includes an analysis of 207 billion emails processed, 99 billion of which were rejected. The goal of the report is to keep organisations informed on the threats that are targeting their industries.

Impersonation attacks are on the rise, the research found, accounting for 26% of total detections. These kinds of attacks now include so-called "voice phishing" (vishing). This is an advanced attack using social engineering to gain access to personal and financial information via the victim's telephone system.

Top sectors targeted globally from July to September were transportation, storage and delivery, banking and legal.

According to Josh Douglas, vice president of threat intelligence at Mimecast, the latest research found that the majority of threats were simple, sheer volume based. This is because they are easy to launch and get employees to click on malicious links.

Multinational cybersecurity company Kaspersky Lab said on Wednesday its research on Advanced Persistent Threats (APTs) points to a change to be expected in coming months.

'The bar has been raised'

The overall trend indicates that threats will grow in sophistication and become more targeted.

According to Kaspersky, after a number of personal data leaks that happened in the past years, the number of personal details available made it easier for attackers to perform targeted attacks, based on victims leaked info.

"The bar has been raised, and in 2020 the threat actors will dive deeper, hunting for more sensitive leaks, such as biometric data," states Kaspersky.

Key technologies, which could lure victims of personal data abuse into traps, include publicly discussed video and audio "deep fakes".

Other targeted threat predictions for 2020 include "false flag" attacks reaching a new level with attackers seeking to lay the blame on someone else, and ransomware shifts toward targeted threats.

Instead of making files unrecoverable, threat actors could threaten to publish data they stole from a company.

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For only R75 per month, you have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today.
Subscribe to News24
Rand - Dollar
Rand - Pound
Rand - Euro
Rand - Aus dollar
Rand - Yen
Brent Crude
Top 40
All Share
Resource 10
Industrial 25
Financial 15
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot