A multi-pronged approach to cybersecurity is essential, including strong authentication, regular data backups, security awareness and collaborative threat sharing across organisations to secure the increasingly vulnerable digital landscape.
Dr Jaya Baloo, chief security officer at Rapid7, tells delegates at SingularityU South Africa Summit 2024 that the lines between cybersecurity, military operations, and civilian activity are becoming increasingly blurred.
“Global conflicts that used to be limited to traditional warfare are now turning into cyber wars, with regular civilians getting involved,” Baloo says, citing examples from recent conflicts, such as the involvement of hacker groups affiliated with Anonymous in the Israel-Hamas clashes, and the co-opting of cybercriminal gangs by Russia to carry out state-sponsored hacking operations. “It’s hard to tell these days whether the attackers are state actors, cyber criminals, or a combination of both.”
One particularly concerning trend is the ease with which anyone can launch distributed denial-of-service (DDoS) attacks using readily available online services because “the internet was never built with security in mind, and that’s why these kinds of attacks are possible”.
These virtual attacks have real consequences, not just on individuals but on nations and parastatals too. She points to the Stuxnet attack on an Iranian nuclear facility in 2010, and the 2015-2016 attack on Ukraine’s energy grid, which resulted in nationwide blackouts. These incidents illustrate how cyber warfare can cause tangible, real-world damage.
Ransomware has been the single biggest threat to organisations over the past five years, according to Europol’s Internet Organised Crime Threat Assessment. There are over 600 types of so-called ‘ransomware families’. Small- and medium-sized businesses are particularly vulnerable, with the average financial impact of a data breach in South Africa ranging from R100 000 to R10-million.
Therefore, it’s essential for everyone, individuals included, to have a multi-pronged approach to address these cybersecurity challenges. Dr Baloo calls on governments to hold vendors accountable for secure-by-design products.
Her key cybersecurity takeaways are:
- Implement multi-factor authentication and passkeys on all personal and professional devices, as well as online services and accounts.
- Back up data online and offline regularly to mitigate the impact of attacks like ransomware, which can hold data hostage.
- Choose a reliable antivirus/EDR solution.
- Focus on security awareness, visibility and rapid response.
- Diversify your vendors and suppliers to improve cybersecurity resilience.
- Improve threat and incident sharing among organisations to improve transparency and the collective ability to respond to cyber threats.
“We need to change the odds in our favour,” Dr Baloo concludes. “Cybersecurity is no longer just an IT problem – it’s a critical issue that affects us all, and we need to work together to fix it.”