By Simeon Tassev, Managing Director and Qualified Security Assessor at Galix
The year that was
According to Kaspersky Lab, there were an estimated 13,842 attempted cyberattacks every day in the first quarter of 2019 alone, which represents an increase of 22% over 2018. Hundreds of attacks are perpetrated every hour, and there were several high-profile successes this year.
One of the most publicised was the DDoS attack against the City of Johannesburg in October, which shut down online services. This was the second successful attack on the municipality in a matter of months. In July, Johannesburg City Power was hit by a ransomware attack that left many residents without electricity for several days. Internet Service Providers (ISPs) AfriHost, Axxess and WebAfrica were also the victims of DDoS attacks in October which affected end-user connectivity, network performance and hosting environments. All of South Africa’s Big Five banks also experienced disruptions in their service resulting from attempted cyberattacks.
What will the new year bring?
The year 2019 proved to be a highly lucrative year for the cybercrime industry, with businesses rather than individuals being the main targets. This is because businesses have large repositories of data and in many instances the means to pay the ransom demanded, so they are more likely to yield profits. In addition, many businesses are seen as soft targets because they have vulnerabilities in their security systems. We can expect that the trend of accelerating attacks that are increasing in sophistication will continue in 2020.
Be prepared – it’s not a question of if, but when
While the impact of attacks vary depending on the business and the attack itself, the reality is that it has become a question of ‘when’ a business will be attacked, not ‘if’. Expecting attacks ensures that businesses are more prepared and have adequate controls in place to detect them and stop them before they can cause major damage. A swift response can help to minimise the impact of an attack, and the longer it takes the more damage is done and revenue is lost.
It is imperative for businesses to understand how long it will take them to recover from a backup, the financial impact of this and what the best approach is to handle an attack. While some businesses decide that paying the ransom may be the less disruptive option, this is not typically advisable because it means a business will likely be the target of repeated attacks in future. Aside from the financial implications of recovering data, there are other impacts to consider, such as loss of customer trust.
Basic cybersecurity is critical, otherwise businesses are leaving themselves wide open. However, simply having systems to notify of an attack is not sufficient if you cannot do anything to stop it. Managed services providers can help organisations leverage the solutions and skills one needs to ensure their security posture is adequate for their business needs. It starts with defining a baseline and then shoring up any vulnerabilities to ensure security is maximised in the most cost-effective way. In the case of cybercrime, fortune will favour the prepared. The more difficult your organisation is to breach the less likely you will be to experience successful and repeated attacks.