Kathy Gibson reports – Cyberattacks have been a feature of the landscape since he first worm was identified in critical systems in the 1970s.
Since then, the sophistication of cyberattacks has increased in leaps and bounds, affecting all of us and causing major disruptions across governments, businesses and individuals.
Yanjun Yu, senior principle architect in the AnShi Lab at the Edison Centre, points out that malware technology has culminated in the widespread use of agentic artificial intelligence (AI) this year.
“What I have learned over time is that the motivation behind cybercrime is almost always financial gain,” he tells delegates to Huawei’s IP Club taking place in Johannesburg today.
“Thanks to cybercrime revenue and growth, cybercrime is now a professionalised business ecosystem – and it is a thriving business where many different types of services are offered.
“Just like regular businesses, they need reliable payments,” Yu adds. “Cryptocurrencies fill this gap: more often than not, after successfully encrypting data, cybercriminals demand payment in bitcoin.”
Unfortunately for victims, paying a ransom doesn’t always guarantee that their data will be returned, he adds. “There is no customer service number you can call.”
Yu stresses that malware is just as common in South Africa as any other market in the world, with a number of high-profile attacks causing disruption across industries. “Attacks cause major and severe service disruptions, data breaches or both.”
On the defense side, complexity could make it hard for organisations to reliably protect their systems.
“It can be confusing,” Yu says. “But the cybersecurity industry is fundamentally trying to achieve two things: to increase the cost of delivering a cyberattack by making it more difficult; and reducing the value of the reward if an attack succeeds.
“The ideal is to reduce the return on investment (ROI) of the cyberattack to the point where the cybercriminals would give up and move their business somewhere else.”
Today, agentic AI is the most significant IT development, with its ability to handle complex and automated processes.
Because agentic AI can reason, plan, use tools and iterate with no human intervention, it increases the attack surface exponentially, Yu says.
“Beyond that malicious actors have been using AI to create more sophisticated malware, phishing attacks and malware agents.”
But the technology can be a double-edge sword, he adds: “On the other side, the cybersecurity industry uses agentic AI to detect and remediate in real time with minimum human intervention.”
In the past, the focus would be on securing the network perimeter. But, today, the perimeter is blurred, and could in the cloud or the edge.
This means that identity has become the new perimeter, Yu explains.
In an identity-based security model, humans, devices and agents all have their own identities, which are continuously verified and monitored, with access granted only on verified identity.
Yu warns that the threat we should all be aware of – and start preparing for now – is quantum cryptography.
With 2030 widely considered as the date quantum computing will become mainstream, he points out that quantum threats are imminent. “There are just 50 months before 2030.”
Malicious actors around the globe are already preparing for this day, by intercepting and storing massive amounts of data. “They can’t decrypt it now, but in a few years’ time they will have quantum computing technology and will be able to,” Yu says.
From a defence point of view, deploying post-quantum cryptography will not be as simple as applying a patch – so organisations should be looking at this technology now.
“The threat is real; and deploying post-quantum solutions is no longer optional.”
Yu concludes that, while threats are constantly evolving, so too are solutions, and technology now includes self-healing networks that are more intelligent and more resilient.