A cyber crime is any criminal or other offence that is facilitated by or involves the use of electronic communications or information systems, including any device on the internet or any one or more of them.
Most cyber crimes are committed by individuals or small groups. However, large organised crime groups also take advantage of the Internet. Criminal communities share strategies and tools and can combine forces to launch coordinated attacks.
They even have an underground marketplace where cyber criminals can buy and sell stolen information and identities.
It’s very difficult to crack down on cyber criminals because the Internet makes it easier for people to do things anonymously and from any location on the globe.
1. How rife is it in SA?
Cyber crime has a significant effect on our economy, as it does in the rest of the world, and costs South Africa over R6 billion each year. In fact, South Africa is one of the most targeted countries globally for phishing attacks.
According to statistics, the average cost of cyber crime in 56 organisations globally was R89 million, up 6% over 2011, and the damage will rise every year if precautions are not put in place.
With South Africa having such a diverse economic landscape, and many of the financial services being delivered in the mid-tier market, vulnerable personal information on individuals is handled daily by these companies.
Most businesses spend money on external safeguards and security. They may invest in security personnel, closed circuit television cameras, and alarms, but they neglect to consider the threats that also lurk online, and such risks can be dangerous and devastating.
2. Why are smaller-sized businesses targeted?
Small and mid-sized businesses are more attractive targets because they tend to be less secure and easier to access. Most SMEs have little training in or understanding of the laws governing how personally identifiable information should be encrypted, shared, or stored, and lack policies ensuring that their staff comply with those requirements.
Businesses whose security has not kept up with the latest cybercrime developments could be facing avoidable risks without realising it. Hackers target SMEs hoping that their lack of preparation and limited expertise will make it easier to penetrate their systems and those of their business partners.
3. What are cyber criminals up to?
There are many ploys and schemes. Cyber crime scenarios include:
- Ransomware, bitcoins and malware: Ransomware is malware that locks your files, or worse, your entire system, so that you cannot use them unless you pay the cyber-criminals. Ransomware will continue to be a more relevant threat in coming years and is said to be the “future of consumer cybercrime”.
- Targeted attacks: Targeted attacks are a rising trend. Most commonly known as Advanced Persistent Threats (APTs), their main differences from traditional cyber-attacks are target selection, plus the silence and duration of the attack. First of all, in most of these attacks there is a selected target, as opposed to traditional attacks that use any available corporate targets for their purposes. Secondly, these types of attacks try to stay unnoticed for longer periods of time.
- Payment systems in the spotlight: In parallel with the growing use of online payment systems, the cybercrime interest in attacking them grows too. At this point, it is already obvious that cyber-criminals will continue putting efforts into payment systems as more money circulates on the web. On the other hand, traditional point of sale (POS) systems are still widely used and malware authors are well aware of that.
- Internet of Things: Whole new categories of digital device are getting connected to the internet, from domestic appliances to home security and climate control, and this trend has been dubbed the Internet of Things or IoT. Due to this trend, we see some evidence of cybercrime emerging, such as attacks on cars, Smart TVs, biometric systems on smartphones, routers and Google Glass!
These are only some examples of cyber attacks – with every trend, there is a new ploy and target.
4. What are the common risks/vulnerabilities?
Cyber-criminals usually have a specific target, and they even look for concrete information or try to attack.
Contrary to what most people think, the majority of cyber-criminals use well-known techniques (sending malicious links or emails) and they usually exploit known vulnerabilities when the corresponding security patch has not yet been applied.
One of the most common techniques for obtaining sensitive information from corporate employees, such as credentials to access internal resources, is still phishing. Most of these attacks target employees at all levels of the company. Criminals are not only after our information.
The mere fact of having thousands of infected computers already grants them a profit if those machines are part of a botnet and follow the criminal’s orders.
Their hard drives can be used to store any kind of illegal material; the internet connection can be used to send millions of spam emails or to perform Distributed Denial of Service (DDoS) attacks; and their processing capabilities can be used for cryptographic coin mining – such as Bitcoin – which will go directly to the criminals’ virtual wallet.
There aren’t many companies that use no security protocols on their computers, but the ones they use are not always the best. Every business, from SMEs to large corporations, should be aware of the importance of security and the cost as well as reputational impact of breaches.
5. How should companies protect themselves?
Many SMEs only have a single product as protection, such as antivirus. With employee BYOD (bring your own device), this is dangerous, as these personal devices can be an attack route into the corporate network if users download malware disguised as legitimate applications.
SMEs should safeguard their business with comprehensive security packs with end-to-end security (protecting endpoints, file servers, mailboxes and mobiles/tablets).
Traditional antivirus products compare the files on a user’s system to only a limited library of known bad signatures, or look for only exact matches with such signatures.
Many that do not perform advanced heuristic analysis (examining the structure or behaviour of malicious code) have difficulty detecting malware that is released in many subtle variations or morphs every few hours to evade signature-based detection, a common practice for today’s malware developers.
Education is essential. Many users don’t realise the threats that exist online, and therefore do not put security in place. Businesses of all sizes should educate their employees on the online risks – this will help avoid costly harm (both monetary and reputational).
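The gap between exact signature matching and structure-aware detection described above, shown as an added example that is not part of the original article. A byte n-gram similarity check stands in for heuristic analysis; the sample byte strings, function names and the 0.6 threshold are all constructed assumptions.

```python
import hashlib

# Constructed, inert byte strings standing in for files (not real malware).
KNOWN_BAD = b"enumerate-files;encrypt-each-file;delete-backups;show-payment-note;" * 4
# A "subtle variation": one character changed per repeat plus trailing padding.
VARIANT = KNOWN_BAD.replace(b"note", b"n0te") + b"\x00pad"
BENIGN = b"open-spreadsheet;sum-column;render-chart;save-report-to-disk;" * 4

# Signature library: exact SHA-256 digests of known bad samples.
SIGNATURES = {hashlib.sha256(KNOWN_BAD).hexdigest()}
THRESHOLD = 0.6  # assumed cut-off; tuning trades false positives for misses


def exact_match(data: bytes) -> bool:
    """Classic signature check: flags only byte-for-byte identical files."""
    return hashlib.sha256(data).hexdigest() in SIGNATURES


def ngrams(data: bytes, n: int = 4) -> set:
    """Set of overlapping n-byte windows, a crude structural fingerprint."""
    return {data[i:i + n] for i in range(len(data) - n + 1)}


def similarity(a: bytes, b: bytes) -> float:
    """Jaccard similarity of the two n-gram sets (0.0 to 1.0)."""
    ga, gb = ngrams(a), ngrams(b)
    return len(ga & gb) / len(ga | gb) if ga | gb else 0.0


def structural_match(data: bytes) -> bool:
    """Flags files that share most of their structure with a known sample."""
    return similarity(data, KNOWN_BAD) >= THRESHOLD


def verdicts(data: bytes) -> dict:
    """Both checks side by side for one file."""
    return {"signature": exact_match(data), "structural": structural_match(data)}


if __name__ == "__main__":
    for name, blob in [("known", KNOWN_BAD), ("variant", VARIANT), ("benign", BENIGN)]:
        print(name, verdicts(blob))
```

The variant slips past the hash lookup because a single changed byte yields a different digest, while most of its n-grams still overlap with the known sample.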
6. What are the costs/rewards vs risks of using cyber crime protection?
Costs vary according to business size. The cost implications from an attack could amount to millions, not forgetting the cost of reputation. Many SMEs cannot afford cyber attacks – and it can, in extreme cases, mean the end of some small businesses.
Sadly, when thinking of cybercrime, it’s not a matter of “if” but rather a matter of “when”.