South Africa is firmly in the sights of international cybercrime syndicates who have been ramping up their attacks on local companies in the past six months, according to security specialist Nclose.

Martin Potgieter, co-founder & technical director at ‎Nclose, says the Nview MDR team have detected a significant uptick in the number of attempts made against local customers in recent months. “We, and our colleagues in the cybersecurity sector, are seeing a surge in cybercrime activity – in particular ransomware attacks,” he says. “There has definitely been an increase in syndicates that make use of humans to launch and coordinate their attacks, they are not just relying on automated ransomware attacks.”
Stephen Osler, co-founder and business development director at Nclose, says South African companies typically do not pay the ransoms, but can find their systems shut down by attacks. The costs of downtime, remediation and brand damage due to such an attack can be significant, he says. “In many cases, organisations will take cybersecurity seriously only after a breach has occurred, but because IT budgets have been constrained, IT is generally doing the best it can to mitigate risk with a limited budget.”
Boards are asking IT: Why weren’t we ready? Are we allocating appropriate resources to cybersecurity? Do we actually know what our risks are? And are we 100% secure?
“The truth is that no organisation is impenetrable, and most are not allocating appropriate resources to cybersecurity,” says Osler. “However, it is possible to dramatically improve your security posture, gain visibility into your risk profile, and achieve a cost to risk mitigation balance appropriate for each organisation. Business, and the board, need to understand their risk and how much they are willing to spend to mitigate that risk. “