There can be no doubt that cybersecurity should be top of mind for most, if not all businesses. This became increasingly apparent during a recent round table at the Check Point Experience event held in Lonehill. As outlined in Part 1, the reasons are many. These range from South Africa now being as vulnerable to cyberthreats as the rest of the world, to more people being able to launch a cyberattack with little or no coding experience needed.

Only exacerbating matters is the growing use of mobile devices to access both work and personal data on the same device. Ryan McGee, the mobility sales leader for Middle East and Africa at Check Point, explained that this brings whole new ways to launch attacks against  people. “Users tend to not be as aware of security on their mobile devices, and often blindly trust that the Wi-Fi they use in a coffee shop or airport is not being intercepted,” he warned.

McGee added that even as many mobile websites and apps do have a level of security, such as https in the URL, often people don’t check whether the Wi-Fi they are using is secure.

Evan Dumas, Head of Emerging Technologies, APAC, Middle East and Africa, Check Point Software  

Watch your weekend

Evan Dumas, the head of emerging technologies for Asia Pacific (APAC), Middle East and Africa, added that organisations further need to take into account that attackers have become both  smart and strategic with regards to the proximity and timing of their attack.

While they tend not to launch attacks on businesses in their own region, they have no problem doing so across borders on a weekend, for example. “For people who are catching up on some work on the weekend, that is when they are more likely to be caught off guard, with much damage being done to a company’s security or large amounts of data being compromised before the next week begins,” he elaborates. And, much like shopping centres and banks know that they are more vulnerable to heists ahead of and during the holiday season, so too do cybercriminals take advantage of holidays, when IT teams are more likely to be away or short-staffed.

Justin Berman, the security engineer and in charge of  IoT devices and industrial control system security at Check Point, noted that part of the problem locally is that there is too often a lack of awareness of when breaches occur. “Cyberthreats tend to only make the news if they are government related, while millenials just aren’t interested in cybersecurity - and often they are the ones that need it the most,” he added.  

Twisted motivation

So who is doing the attacking, and why? You would be forgiven for thinking it is teenagers in hoodies, sitting in their bedroom, which is typically how hackers are portrayed. The truth, however, is more complex, explains Berman. Attackers include highly organised syndicates who approach cybercrime like any conventional business, complete with a channel of distribution in place, a business strategy and even regular working hours and holidays. They are usually deploying ransomware and malware purely for financial gain.

Then there are those cybercriminals who do industrial espionage, often acting on the behalf of a client. As well, continues Berman, cybercriminals include teenagers with some skills who just want to see how far they can get into a company’s security, often for infamy. This broad array is rounded off by attackers who are purely being malicious, and on the other end of the spectrum,  hacktivists, who perform attacks out of a sense of exacting social justice or retribution.

Tony Jarvis, Chief Strategist for Threat Prevention, APAC, Middle East and Africa, Check Point Software

Assessing priorities

Clearly, there is good reason for companies to make security a top priority. But despite the threat landscape, the greater vulnerability that the use of mobile presents, and the array of cyberattackers out there, very few actually do, reveals Tony Jarvis, the chief strategist for threat prevention, Asia Pacific (APAC), Middle East and Africa at Check Point.

“Even when they do understand the risks, companies tend to be more reactive; there are very  few who are proactive,” he laments.  Additionally, as attention shifts from one threat to the most recent one, companies forget that attacks launched six months ago don’t actually go away, and sometimes they can be even more dangerous than the current cyberattack getting headlines. For example, WannaCry, which really did make affected businesses want to weep, is still in circulation.

Countermeasures and Staying Safe

Short of sticking one’s head in the sand, or running screaming for the hills, neither of which are viable methods for dealing with the reality of cyberthreats, there are actions that individuals and organisations can implement.

Berman notes that how deeply users deploy security measures is going to depend on one’s budget and user case scenario. Clearly, an individual’s security needs are going to be less critical than those of a power utility, for whom a breach can be disastrous, and who may want access to a 24-hour disaster recovery team.

He encourages users to employ a Virtual Private Network (VPN) where possible when connecting to the internet. For businesses, he advises organisations to look at software that can segment a user’s data between their business and their personal information, and to use authentication to determine when a user has access to the corporate network. This ensures that, should a business user be travelling and use unsecured hotel Wi-Fi, their device would not be granted access to the company network until it can be affirmed as being on a safe connection.

Businesses beware

The bottom line from the event was simply this: cybersecurity is now essential. The possibility of being breached, hacked or the unwitting victim of cybercrime has become comparable to being struck by lightning - if you were standing on a wide open golf course while holding two golf clubs high in the air, in the midst of the fiercest thunder and lightning storm to date. It’s less a matter of if, and more a matter of when.