Earlier this year, TransUnion was the target of a hacker group that obtained access to one of its servers containing the personal records of a significant number of South Africans.
By Chris Norton, regional director for Africa at Veeam
The group demanded a $15-million ransom over four terabytes of compromised data. The incident raised questions about the effectiveness of cybersecurity at all South African companies, and a local financial services firm highlighted the importance of insuring against losses to mitigate the risk of damages claims from those who suffered from cybersecurity incidents.
Increasingly, South African companies of all shapes and sizes, as well as government departments, are becoming the targets of potential cyberattacks, spearheaded by ransomware. According to the Veeam Ransomware Trends Report 2022, almost nine in 10 local companies have experienced a ransomware attack, with a third of the data unable to be recovered. An additional 78% of companies were unable to recover at least some of the data they had lost.
Designed to spread through a network, ransomware is malicious software that infects a computer and restricts access to crucial user data for a ransom. The cost of a ransomware attack can amount to almost R7 million per incident. In 2020 alone, $18 billion was paid globally in ransom.
As people become increasingly acquainted with the value of their data, any negligence, misuse, or lack of adequate protection has moved into the spotlight as a possible issue for company boards. In South Africa, the Protection of Personal Information Act (POPIA) came into effect on 1 July last year, significantly adding to the pressure companies are under to show that they are making their best effort to protect against data breaches.
The other reason that data and privacy have arisen as such crucial topics is timing. The recent Infocyte ‘Threat of Malware in Africa’ study has shown that Africa now has one of the highest malware infection rates in the world. Additionally, ransomware is one of the fastest-growing threats on the continent, with South African businesses being especially attractive targets for threat actors.
Local business leaders must sit up and take notice: data breaches are no longer an issue that exists within a company itself – they sit at the board level as well. Moving forward, business leaders should expect increasing momentum toward ensuring the right cybersecurity measures are in place.
Here are three things business leaders need to keep in mind when implementing cybersecurity measures.
* Everybody needs security training – Ransomware can spread through a system like wildfire, but it needs an entry point, such as an infected email, email attachment, or application. No matter their position in an organisation, any individual can potentially let ransomware into the system. Companies can reduce the risk of this happening by holding frequent training sessions on the latest cybersecurity best practices. Ongoing training is the best preventative measure to keep the network and data safe.
* Keep software up to date – Cybersecurity software, such as anti-virus and internet security solutions, needs constant updating. Installing the latest patches, security updates, and virus signatures can help a company eliminate the most common ransomware payloads. This must extend to all software, including operating systems, as an essential step to help minimise downtime and interruptions resulting from potential breaches.
* Have a secure backup ready – A comprehensive backup strategy is something no company can afford to be without. If ransomware should infect mission-critical systems, being able to restore from a secure and reliable backup can save the company from downtime, data loss, and having to pay an expensive ransom.
Today, it seems being breached by a ransomware attack is an inevitability. However, this does not have to cost the business significant portions of its profits.
With the right cybersecurity infrastructure and training in place, South African companies can sufficiently prepare and defend themselves against the dangers of ransomware and other cyber threats in the digital world.