Kaspersky statistics show a sharp spike in network attacks in South Africa between 15 and 21 March 2020 – with affected devices increasing in number from the 20 000 to 30 000 average to peak at approximately 310 000 over these few days. The peak coincides with a time in South Africa when remote working increased in response to national emergency containment measures in an effort to flatten the curve of spread of Covid-19 in the country.
Says Maher Yamout, senior security researcher for the Global Research and Analysis Team (GReAT) at Kaspersky: “The region is seeing an increase in attempts to break into organisations’ systems to establish control over them, sabotage their work, or access sensitive information. Remote working provides cybercriminals a prime opportunity to target devices, especially those that don’t necessarily have adequate IT security measures in place. Such a spike recorded, although temporary, leads us to believe that cybercriminals have been keenly focused on the region given the current circumstances. They have been on the lookout for vulnerable devices to exploit, likely due to the rapid increase in remote working protocols that have been initiated during this timeframe, especially since the growth in attacks continued until the weekend.”
The attack types used by cybercriminals varied, yet a third of them were attempting to penetrate the network with brute forcing of passwords – repetitive attempts at various password combinations. This technique is very common and often works well with weak or repetitively used passwords or poorly configured systems.
Kaspersky, along with other market commentators, have recently shared advice linked to working from home strategies and the important security elements to consider, as this practice becomes more standard for many businesses in light of the global pandemic.
Adds Yamout: “Observing the statistics of network attacks for the past two months, we’ve never seen the numbers going above 45 000 attacks a day, while the last week saw this number reaching over 300 000. In reviewing this spike, it certainly reinforces the need to institute critical security measures for remote working strategies, to ensure effective protection. However, with the spike dropping again, such advice is likely being onboarded and taken seriously, which is great to see, and we hope continues.”