COVID-19 Cyber Threats: Ransomware
Hackers love South Africa, because cybersecurity measures are not as robust here, and even more so now during the COVID-19 pandemic, while a lot of employees are still working from home.
In 2019, South Africa had the third-highest number of cybercrime victims worldwide, even though we are ranking 25th in population, losing approximately R2.2 billion (US$147 million) a year to cyberattacks.1
According to a report, ‘100 Days of Coronavirus (Covid-19)’, recently done by Mimecast, there has been a 35% increase in malware detections, an increase in spam (26.3%), impersonations (30.3%) and unsafe URL clicks (55.8%).
Businesses no longer have the luxury of traditional defensive and office-based security models, and with such a drastic transformation in how workers operate remotely, the cyber risks have increased significantly.2
“Ransomware is a form of malware that encrypts a victim's files. The attacker then demands a ransom from the victim to restore access to the data upon payment. Users are shown instructions for how to pay a fee to get the decryption key. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website.”3
If an employee click on an unsafe link, the consequences to the company can be huge. In some cases, a form of ransomware will be downloaded to the company’s IT systems which can lead to mayor downtime, or loss of data. In 2019, ransomware cost businesses globally over £5 billion in ransom demands. That figure is likely to grow exponentially in 2020 due to the pandemic.
You might have heard about some of the following ransomware attacks:
- WannaCry – One of the most devastatingly in terms of losses (USD 4 billion), was launched in 2017.
- SamSam – Gained prominence in 2018 and caused a loss of about USD 30 million.
- Ryuk – Currently one of the most expensive ransomware in history, which already caused more than USD 60 million in damage worldwide.
Ransomware is now on sale on the dark web for as little as R1700 which makes it accessible to even unskilled cyber criminals.
Here are good security practices to prevent ransomware infection:
- Don’t install unfamiliar software or give it administrative rights.
- Install antivirus software which will prevent unauthorised applications from executing.
- Make sure your operating system is up to date.
- Back up your files. It won’t stop a ransomware attack, but can reduce the amount of damage.
Not sure whether your device is secure?
Contact LAWtrust regarding systems and services that can assist in making you more secure while working from home.
Business Insider SA. (2020, June 03). Hackers on the dark web love South Africa – here’s why we suffer 577 attacks per hour. https://www.businessinsider.co.za/sa-third-highest-number-of-cybercrime-victims-2020-6
2 Destiny Connect. (2020, June 30). Still haven’t logged off? Protect yourself from cyber-attacks while working remotely. https://www.destinyconnect.com/2020/06/still-havent-logged-off-protect-yourself-from-cyber-attacks-while-working-remotely/
3 Fruhlinger, J. (2020, June 19). Ransomware explained: How it works and how to remove it. https://www.csoonline.com/article/3236183/what-is-ransomware-how-it-works-and-how-to-remove-it.html