Interview with Kaspersky: Shining light on the local cyber security landscapeBy Ryan Noik 7 June 2022 | Categories: interviews
Cyberthreats and cybersecurity are dynamic, constantly changing and keeping every business on its toes. TechSmart’s Ryan Noik and Amir Kanaan, the Managing Director for Middle East, Turkey, and Africa at Kaspersky discuss the evolving landscape and what businesses can do.
RN: What stands out to you about the state of the current cybersecurity landscape at present locally, i.e., what would you advise South African companies and users to be particularly vigilant about at this time?
AK: Cyberthreats present an ever growing and diversifying set of challenges to security professionals, governments, organisations and individual users, alike. We can say with confidence that no one – entity or individual - is immune. But what is certainly notable is the increased cyberthreat activity that we have recorded and reported on in Africa. And we are seeing this in the very real cyber related attacks happening on various organisations in the market, across different industries.
If we consider the threat of ransomware alone, our research has found that in the first four months of this year, ransomware attacks in South Africa have doubled, when compared to detections of the same timeframe in 2021.
The latest edition of Kaspersky’s annual IT Security Economics report also shows a growing risk of cyberattacks happening through the third-party suppliers that organisations share their data with. As a starting point, local companies must ensure they only share data with reliable third parties and extend their existing security requirements to suppliers.
Then of course there is the very real and worrying risk of Advanced Persistent Threats (APTs) and more particularly for larger organisations and governments. APTs use continuous, clandestine, and sophisticated hacking techniques to gain access to a system and remain inside for a prolonged period of time with the purpose of stealing sensitive information. The consequences are often very destructive.
My top tips and advice to local organisations is to not only ensure they have affective cybersecurity protection in place, but to also focus on employee training around cyberthreats – especially because these threats are continuously emerging and evolving, and a well-informed workforce becomes a human firewall. Over and above these basic steps, we also advocate for organisations – regardless of sector – to invest in advanced threat intelligence. Having up to minute information on how to manage such a risk it essential for a business to remain protected.
RN: Are you seeing a big shift in pandemic related cybercrime now that countries appear to have more of a grasp on dealing with Covid - whether in the form of phishing scams or as people begin going back to the office or adopting a hybrid work approach?
AK: The good news is that COVID-specific phishing scams are steadily decreasing. The bad news is that phishing themes are becoming much more sporadic. Cybercriminals have also embraced social media to gather information and customise attacks to target specific individuals or organisations.
Beyond phishing, we have been seeing how threat actors are exploiting geopolitical situations both locally and internationally. Typically, these attacks take the form of APTs. And given the volatility of the market, many APT attackers have started going after cryptocurrency.
I would advise both organisations and individuals to remain cognisant of the fact that the pandemic has distributed the work force. There is no longer a stigma associated to working from home and as more people make remote work a more permanent way of life, cybercriminals will continue to target any gaps or weak links in work from home strategies. This also reiterates my top tips as mentioned above, particularly on ensuring that the basics are instilled – like ensuring that the organisation has affective security protection in place, continues to engage with and inform employees on new or “trending” scams, etc.
RN: What are some of the major cybersecurity trends that you see on the rise for the rest of the year, and how can companies best adapt to them?
AK: There are dozens of events happening daily that are constantly influencing changes across the cybersecurity landscape, and we are fortunate to have an expert-led research team who track these trends and apply their expertise to inform our predictions, which include:
- An increase in APT attacks – which as mentioned are a growing concern especially in South Africa. Our research has shown that the country is the third-most targeted on the continent, after Egypt and Nigeria.
- An increase in the number of attacks on cloud security and outsourced services. Numerous businesses are incorporating cloud computing and software architectures based on microservices and running on third-party infrastructure, which is more susceptible to breaches.
- A continued exploitation of work from home - cybercriminals will continue to leverage employees' unprotected or unpatched devices, whether a work provided computer, BYO devices and home fibre or Wi-Fi connections, as a way to penetrate corporate networks. Social engineering to steal credentials and brute-force attacks on corporate services to gain access to weakly protected servers will continue. I also expect that attackers will use even more sophisticated ways of targeting mobile devices especially given how many people are still working from home.
When it comes to staying in top of threats, my number one piece of advice is for companies to invest in threat intelligence. This involves being able to track, analyse, interpret and therefore mitigate constantly evolving IT security threats. By supplying an organisation’s IT security team with rich and meaningful context across the entire incident management cycle, the team can stay ahead of adversaries and have in-depth visibility into cyberthreats targeting the business.
Most Read Articles
Have Your Say
What new tech or developments are you most anticipating this year?