The rise in cybercrime is unprecedented. Over one-third of South African IT decision-makers (35%) are on high alert and are expecting cyber-attacks on their businesses within days.
By Ian Jansen van Rensburg, senior systems engineer at VMware
Moreover, besides expecting imminent attacks, another 31% of organisations are expecting an attack with the year. Fewer than one in five IT decision-makers in SA enterprises believe themselves safe from attack in the next two years.
These were two of the findings of a new research study dubbed “The State of Enterprise Security in South Africa 2019,” conducted by World Wide Worx in partnership with Trend Micro and VMware.
And it’s just as well they are. Look for example at what happened yesterday, when City Power in Johannesburg fell victim to a ransomware attack which crippled most of its systems and Web site, leaving the entity paralysed, and unable to supply services to its customers.
Unfortunately, City Power is far from the only sufferer. In the US alone, more than 20 public-sector organisations have fallen victim to ransomware attacks this year, including City Lake, Tallahassee and Riviera Beach in Florida, Augusta in Maine, and Albany in New York, to name but a few.
This goes to show that no organisation, even the ones with huge security budgets and the most state-of-the-art security systems in place, is safe. And unfortunately, with ransomware attacks, depending on the type and severity, the damage could take weeks or even months to repair, and costs organisations in terms of system downtime and disaster recovery are so exorbitant that many choose to pay the ransom instead.
Paying the ransom is a terrible idea. Not only does it encourage this type of scourge, but there is no guarantee that cybercriminals will hand over the decryption key once the ransom is paid. However, the alternative is the laborious recovery of data from backups, assuming these backups are current and unaffected, meaning that many companies end up forking out to save themselves downtime and money in the long run.
The study also revealed that a slim majority (57%), of businesses, say they can detect evidence of a malicious breach within a few minutes. However, nearly half of businesses (43%) say they won’t know they’ve been compromised until a few hours, or even longer, after a security breach.
These organisations could be in for a nasty surprise, particularly if they are hit with ransomware, which can lock down almost every file on a user’s computer within a few hours, meaning that any response by then would be too late.
The fact that South African businesses are unable to detect threats in a timely fashion, means they have yet to fully grasp the nature of the threat and will end up facing huge losses thanks to ransomware.
And unfortunately, ransomware isn’t going anywhere soon, as cybercriminals have cottoned on to just how lucrative these types of attacks can be. Although a slew of other attacks exists, attackers who are after a quick payday, are turning more and more to extortion-type attacks.
The research also highlighted that the biggest shortcoming in cybersecurity preparedness is outdated software, with a whopping 77% of IT decision-makers claiming that it makes their organisations highly vulnerable.
With ransomware claiming victims left, right and centre, organisations simply cannot afford to not keep their software up to date. Who can forget the notorious WannaCry and NotPetya attacks from 2017 that brought some of the biggest organisations around the world to their knees? Both attacks targeted outdated Windows systems.
Out of date software and systems simply can’t defend themselves from ransomware attacks. There were thousands of computers running vulnerable systems before the WannaCry breakout, and in its wake, there are still machines out there that haven’t installed the Windows EternalBlue vulnerability patch.
This highlights the fact that the approach to IT security in a cloud and digital era must change rapidly and dramatically. The research was clear: there is a massive need for senior financial decision-makers to learn that when it comes to data protection, an ounce is worth a pound of lost data and productivity.
The report stresses where local organisations are strong and reveals the areas of IT security that they still need to work on. Having strong information and data security solutions in place is essential, and also a cultural shift towards security awareness and collaboration across all parts of the business. No business can afford to be lax when it comes to keeping their systems and software updated, and their staff educated on basic security hygiene.