Africa’s leading cyber security firm, LAWtrust, has warned that South African businesses must act to protect themselves and their customers – as the world battles a second wave of cyber attacks in the past month.
Speaking as Russia, the Ukraine and the US fend off the Petya ransomware attack, Dr Aleksandar Valjarevic, a security expert at LAWtrust, says that South African companies can no longer rest on their laurels when it comes to cyber security.
He says that while companies that run vulnerable computers and have not installed updates to their operating systems are more vulnerable to Petya and similar malware, no South African business is immune.
“These threats must be taken seriously. Businesses must act to protect themselves and their customers; these kinds of attacks can have a serious impact on the functioning of individual organisations, as well as on their bottom lines,” he says.
“From the impact we can see in the Ukraine where banks, airports and Government have been hit, it is clear that these cyber-attacks can negatively impact the functioning of whole countries. Governments and businesses must work together to protect critical systems and to protect citizens and clients.”
The Petya malware has already claimed victims around the world, from advertising and shipping companies to energy companies and government agencies.
There have also been reports of South African companies having been attacked.
Companies that have fallen victim to Petya are likely to have underestimated the threat level posed to their organisation after surviving WannaCry, as similar weaknesses have been exploited in Microsoft operating systems with this newest attack.
Valjarevic says that the technology that Petya uses is similar to WannaCry as it “uses the same vulnerability, but works a bit differently”.
Reports of the first attack appeared on Tuesday, 27 June 2017. The virus encrypts and locks user data until a ransom demand of $300 in Bitcoin has been paid, upon which the data will be unlocked. According to the most recent reports, however, the email address to which victims must send confirmation of payment of the ransom has been disabled, which means they cannot in turn receive a key to unlock their data.
“There is limited impact for now (it looks like most computers that were vulnerable have been patched), but the true impact of this new attack will be seen in the coming days,” says Valjarevic.
“What we can see is that the Petya attack is more vicious from a technology point of view and it seems like it is a more targeted attack, as most of the victims are big companies and Government agencies, although the affected numbers are smaller than was the case with the WannaCry attack.”
LAWtrust recommends South African businesses and individuals take the following steps to protect themselves from Petya and similar cyber attacks:
- Keep your operating system and your applications up to date
- Organisations must raise awareness among staff with regard to information security
- Treat email communication carefully – especially unsolicited emails. Do not open links or attachments if you do not know what these are. Confirm with the email sender if needed
- Back up your data regularly and have a recovery plan in place
- Encrypt your sensitive data, especially the private data of clients
- Put measures and technology in place to help your clients be able to identify emails and documents originating from your organisation (such as use of digital signatures, email encryption, secure portals, etc.)
The cost of data breaches for South African companies continues to rise, with an increase of 12% in 2017 compared to 2016.
"The latest statistics show us in numbers what we see every day, and the problem is likely to get worse before it gets better," says Maeson Maherry, the head of solutions at LAWtrust.
"What we know from research by the Ponemon Institute is that over the next five years, 60% of South African companies will likely suffer a data breach," Maherry says. “It is worth noting that the study recognised using an encryption solution is a successful mitigating factor that reduces overall costs of data breaches.”
"The average cost of a breach to a South African company this year was R32.4-million, up from R28.6-million last year," Maherry says, citing the latest research from the Ponemon Institute.
LAWtrust is the leader in identity-based security in Africa. Founded in 2006, LAWtrust is a trusted secure digital identities, cryptographic and digital partner for some of Africa’s largest and most highly regulated organisations. LAWtrust is a pioneer in its field, and a recognised expert in compliance and security. Among its clients are leading telecommunications, financial services and industrial companies with cross-border operations, and high-value government departments.