South Africa has had its share of high profile security breaches. Cybercriminals have targeted prominent businesses such as Ster Kinekor and Master Deeds in 2017, and most recently, Liberty Holdings earlier this year.
With GDPR now in effect, companies with international reach could stand to lose huge amounts of money in fines if they fail to report breaches. Not to mention the financial repercussions of the breach itself.
“A breach happens when a malicious actor manages to infiltrate a data source and successfully gain access to sensitive information,” said Indi Siriniwasa, Vice-President for Trend Micro, Sub-Saharan Africa.
“There are a number of ways this can happen, mainly by either physically getting access to a computer or network or gaining access remotely.”
Cybercriminals begin by looking for weak points in an organisation’s security and then painstakingly plans the attack. These hackers could use the system’s weaknesses to gain access or use social engineering which involves tricking employees into giving them access in one way or another. Once in the network, they are free to extract whatever information they are looking for.
What the cybercriminal steals boils down to what they are after. If the motive is corporate espionage, they will most likely be looking for plans or blueprints, product information or contact lists. Most often they are looking for personal information contained on databases, which many sell to other criminals, especially to extort money or to create false identities.
Hacktivists also target certain websites to spread their message – a kind of cyber vandalism. They may even steal data to purposefully damage an organisation’s reputation.
“The threat is very real, and prevention starts with employee education,” added Siriniwasa.
“It may sound incredibly simple, but informing staff not to click on suspicious links or emails is a good start to ensuring security. Multi-layered security is also a smart way of deterring attackers. When it comes to data security, you can never be too careful.”