Nearly half (45%) of South African respondents in Mimecast’s State of Email Security 2020 report said ransomware attacks had impacted their organisation.

The common consequences of successful attacks included data loss, downtime and financial loss.

Duane Nicol, subject matter expert for security awareness and brand protection services at Mimecast, predicts we’ll continue to see major ransomware strains that will compromise global networks in 2021.

“The objective won’t be money, but anarchy,” he says. “DoppelPaymer proved this in 2020 when an attack on a German hospital delayed a dying lady from getting to hospital. Some have even labelled this is the first officially recorded death due to cyberattack. It’s since been proven that she would likely have died anyway, but some might say she would have had more of a chance if she hadn’t been turned away from the first hospital.

“In the first month of 2021 we’ve already seen major developments in ransomware. Law enforcement has already gone after and shut down emotet and other botnets and ransomware gangs. But the war continues as new minor strains and malware components have appeared. There are also new ransomware operators coming out and there have been changes in tactics from existing gangs.”

With the world waiting anxiously for the rollout of a Covid-19 vaccine, cybercriminals are likely to capitalise on this. A key US-based cold storage provider has already been the subject of a ransomware attack. Healthcare providers, vaccine-related organisations, and their logistical partners need to remain on high alert over an increased likelihood of cyberattack at this time.

Researchers have also noted an uptick in vaccine-related misinformation which may further complicate the effective rollout of a Covid-19 vaccine to those that need it most.

Remote workers become prime targets

With many people likely to continue working from home in 2021, Brian Pinnock, senior director at Mimecast, believes an increase in cyberattacks exploring consumer-grade home networking vulnerabilities is inevitable.

“Such attacks will negatively affect businesses that have not yet adapted their network security posture to align with the new hybrid work scenarios,” says Pinnock. “Data breaches involving insiders will increase due to continued remote work. It’s also likely that cyberattacks will increase faster for smaller businesses than for large organisations, who are likely to increase their uptake of cyber insurance in the belief that this will mitigate all risk.”

Renewed focus on cybersecurity awareness training

Employee awareness of cyber risks will be in the spotlight in 2021, and organisations will likely enhance their cybersecurity awareness training efforts to strengthen their ‘human firewall’. In Mimecast’s State of Email Security 2020 report, 99% of South African respondents offered security awareness training.

However, there are questions about the effectiveness of some training. In a recent global study by Mimecast, employees were asked about their use of work devices for personal activities during the pandemic. It found that half of South African respondents admitted to opening emails they considered suspicious.

Heino Gevers, customer success director at Mimecast, says companies will be forced to adopt new means of supporting remote work even if things return to normal in 2021. “Organisations will need to enhance their cybersecurity awareness training if they are to protect their employees and systems from avoidable threats. Security teams are likely to launch live phishing simulations and other real-life, de-weaponised campaigns to stress-test employees’ ability to identify and avoid risky behaviour.

“Our research has found that in 2020, end-users making use of Mimecast Awareness Training are five times less likely to click on dangerous links, so investments into effective and regular awareness training can be hugely beneficial to an organisation’s overall security posture.”

Reported breaches skyrocket due to POPIA

Starting in July, South Africans should also expect to see headlines proclaiming a massive increase in data breaches. “This will simply be a reflection of what I believe to be already high levels of unreported data breaches, that will suddenly be made public in line with the POPI Act’s breach notification obligations,” says Pinnock. “It is also when we will possibly start seeing the first regulatory fines being issued due to significant data breaches.”

Protecting public sector systems in the cloud

Thomas Mangwiro, public sector specialist at Mimecast, believes the growing adoption of cloud services among South African public sector organisations is enabling greater agility. “Public sector ICT leaders will seek growing levels of support from technology and cybersecurity partners to build greater cyber resilience in an effort to protect systems and infrastructure from cyberattacks.

“As more systems move to the cloud, new strategies will be needed to ensure high levels of security and compliance to public sector policy while maintaining data sovereignty. Cloud adoption will help the public sector with productivity and the increased ability to deliver services. But downtime due to an outage could lead to widespread disruption of critical national infrastructure if these departments are all dependent on a single cloud provider.”