By Carol Hildebrand for CSO

As the COVID-19 pandemic triggered a massive shift in internet usage, cybercriminals quickly pounced, launching more than 10 million distributed denial-of-service (DDoS) attacks aimed at crippling targets with a heavy reliance on online services. Attack frequency spiked 20 percent year over year and 22 percent for the last six months of 2020.

According to the most recent NETSCOUT Threat Intelligence Report, vital pandemic industries such as ecommerce, streaming services, online learning, and healthcare all experienced increased attention from malicious actors targeting the very online services essential to remote work and online life.

The top 10 vertical industries under attack in the second half of 2020 further illustrate the enormous impact COVID-19 has had on DDoS attack activity. Threat actors have always embraced an opportunistic pivot, and this was no exception as they enthusiastically flocked to the ensuing smorgasbord of new opportunities.

The top 10 are:

  1. Wired telecommunications carriers
  2. Data processing, hosting and related services
  3. Wireless telecommunications carriers
  4. Internet publishing and broadcasting
  5. Electronic shopping and mail order houses
  6. Electronic computer manufacturing
  7. All other telecoms
  8. Colleges, universities and professional schools
  9. Software publishers
  10. Computer training

The top three listed sectors fall under the category of Old Faithfuls because attacks on both subscribers and their operational infrastructures are inherent to their role as connectivity providers. However, attackers widened their target profile beyond typical targets as the massive shift to online work and play opened promising new avenues of attack.

For instance, the fourth sector—Internet Publishing and Broadcasting—is by no means a usual suspect in the NETSCOUT top 10. Its presence can be summed up in two words: Netflix and Zoom.

Similarly, online shopping, which grew an impressive 44 percent in 2020, represents another pandemic stalwart that came under increased attack, as did online learning. Interestingly, this activity was seen not only at the usual hot spots of colleges and universities but also at the high school and middle school levels.

With DDoS-for-hire services both readily available and incredibly cheap, it seems likely that budding online delinquents set about playing hooky on an internet scale.

 

Final countdown to POPI Act

Source: Lexology

There is less than a month to go before South Africa’s Protection of Personal Information Act, 2013 (“POPIA”) is set to go into full effect on 1 July, 2021.

It is critical for organisations operating in South Africa to ensure that they are ready if and when the Information Regulator comes knocking.

It is only when organisations start their POPIA journey that they realise just how wide the POPIA net is cast, and that very few businesses fall outside of its reach. The road to POPIA compliance should be viewed as a marathon, and not a sprint. While implementing and maintaining an effective POPIA compliance program will take continued effort and resources well beyond the July 1, 2021 go-live date, here we outline five steps to which companies subject to POPIA should give their attention in the short term.

Step 1: Identify and appoint an Information Officer

POPIA provides for a similar position as the GDPR’s data protection officer in the form of an “Information Officer.” Organisations subject to POPIA must identify an Information Officer who will be responsible (and who may be held personally liable) for, among other things, all of the organisation’s data protection compliance requirements, working with the Information Regulator, establishing policies and procedures, and POPIA awareness and compliance training.

The “head” of the organisation (i.e., the CEO, managing director, or “equivalent officer”) is automatically deemed the organisation’s Information Officer; however, the organisation can “duly authorise” another person in the business (who is at management level or above) to act as Information Officer. Similarly, the organisation can designate one or more employees (also at management level or above) to act as “Deputy Information Officers” to assist the Information Officer in performing his or her responsibilities. Both the Information Officers and Deputy Information Officers must be registered with the Information Regulator before the end of June 2021, via the Information Regulator’s Online Registration Portal, or by submitting the downloadable Manual Registration Form to the Information Regulator.

Step 2: Review the organisation’s marketing practices

While many organisations may not consider themselves to be engaging in so-called “direct marketing” practices, this concept is widely defined in POPIA to include “any approach” to a data subject “for the direct or indirect purpose of […] promoting or offering to supply, in the ordinary course of business, any goods or services to the data subject […].” POPIA provides data subjects with certain rights with respect to unsolicited “electronic communications” (i.e., direct marketing by means of automatic calling machines, fax machines, SMSs, or emails). The processing of a data subject’s personal information for the purposes of direct marketing is prohibited, unless the data subject has consented to the processing, or the email recipient is an existing customer of the organisation.

In practical terms, the organisation must have obtained the data subject’s details through the sale of a product or service, and the marketing should only relate to similar products or services of the organisation. The data subject must be given a reasonable opportunity to object to the use of their personal information for marketing each time the organisation communicates with the data subject for marketing purposes, i.e., recipients must be able to “opt-out” at any stage. Potential new customers can only be marketed with their express consent, i.e., on an “opt-in” basis.

Step 3: Review the organisation’s security measures

POPIA obliges organisations to take appropriate technical and organisational measures to safeguard the security and confidentiality of personal information – aimed at preventing any loss, damage to, or unauthorised destruction of personal information, including measures to prevent unlawful access to, or processing of personal information under the organisation’s control.

There is a general data breach notification obligation under POPIA. Where there are reasonable grounds to believe that a data subject’s personal information has been accessed or acquired by an unauthorised person, the organisation, or any third party processing personal information under its authority (e.g., an outsourced payroll service provider), must notify the Information Regulator and the data subject of the data breach “as soon as reasonably possible,” unless the identity of the data subject cannot be established. It is therefore crucial that organisations ensure that they have an effective data security incident protocol in place, which will allow them to comply with the breach notification obligations under POPIA, and avoid falling under additional scrutiny.

Step 4: Review the organisation’s existing data transfer and outsourcing arrangements

POPIA generally applies not only to organisations that process personal information in South Africa, but also to any person or company that processes personal information on behalf of the organisation – commonly referred to as a “processor.” POPIA also applies to organisations outside of South Africa that process personal information in South Africa with the assistance of a third party (e.g., a channel partner, or outsourced service provider). Where any processing of personal information is outsourced by an organisation, it must, in terms of a written contract between it and the processor, ensure that the party processing personal information on the organisation’s behalf establishes and maintains appropriate security measures as prescribed under POPIA.

POPIA contains a general prohibition on cross-border transfers of personal information. However, this prohibition is subject to numerous exceptions, including: (1) where the data subject consented to the transfer; (2) the transfer is necessary for the performance of a contract between the company and the data subject; (3) the transfer is necessary for the conclusion or performance of a contract between the company and a third party that is in the interest of the data subject; or (4) the transfer is for the benefit of the data subject. Where personal information is being transferred to a third party outside of South Africa, the company must ensure that the recipient of the personal information is subject to a law, binding corporate rules, or binding contract which provide an adequate level of protection that effectively upholds POPIA’s principles for reasonable processing, and that include provisions substantially similar to the conditions for the lawful processing of personal information, and for the further transfer of personal information under POPIA.

Step 5: Deliver POPIA awareness training

POPIA awareness training is not only a valuable tool for organisations to promote compliance, it is also a requirement under the POPIA Regulations. The Information Officer must ensure that awareness sessions are conducted regarding the provisions of POPIA, the POPIA Regulations, codes of conduct (where applicable), as well as any information that is obtained from the Information Regulator from time to time.

 

Source: IOL

Giant South African retail chain Shoprite Group has tightened the screws on criminals targeting its stores.

The supermarket chain said that its efforts to prevent crime and protect its customers and employees by employing a team of security experts comprising ex-police officers and using technology have resulted in a 16% year-on-year decline in violent and serious crime, including armed robberies and burglaries, from July 2020 to May 2021.

The in-house team – operating from a centralised command centre – is involved in the entire process from identifying suspects to their arrest, being in court to oppose bail, working with police to ensure they have a complete and accurate docket, working with the National Prosecuting Authority and providing evidence in court, to do everything it can to ensure criminals are prosecuted.

Shoprite said crime and high risk situations are picked up through store and fleet monitoring, live information feeds and the group’s intelligence network, and security devices are immediately triggered.

When robberies do take place, the team is proving highly effective in securing arrests and prosecution, and the Group is becoming known for its capability to identify, trace and arrest suspects.

Head of Group Security & Loss Prevention, Oswald Meiring, believes Shoprite is a retail industry leader with its initiatives which are centred around a team of in-house investigators, which include former police members and detectives, with a unique mix of skills and extensive experience in commercial crime, fraud, serious and violent crime.

The team’s network includes informants, third parties working exclusively for it and an expert criminal lawyer.

The command centre team makes extensive use of technology and software systems including electronic dockets, suspect photo albums and evidence files.

A team of data and crime analysts do predictive analysis, identify suspects, and link suspects to each other and to the crime scene.

This technology, including video footage and a chain of evidence, has been critical in court proceedings.

The net result is that the investigation team made 752 court appearances, including postponements, bail, testifying and sentencing, in the 11 months from July 2020 to May 2021.

It secured 64% more guilty findings and/or convictions than the previous 12 months, amounting to 303 years and six months of prison sentences and 46 years and six months of suspended sentences.

The team has been instrumental in 200 arrests in the first 11 months of this financial year. The majority (54%) of crimes currently in court are for armed robbery, 26% are for theft and the rest include crimes such as arson, assault, looting, burglary and fraud.

As some cases were postponed in the last year due to lockdown restrictions, the team is currently in court every day.

Meiring says the Group focuses on fighting crime because it is the right thing to do as a concerned and responsible corporate citizen. “We also believe that securing arrests and sentences for crimes acts as a deterrent and ultimately reduces crime. We believe this is an important element of our contribution to make South Africa a safer environment for everyone.”

The Shoprite Group encountered specific lockdown-related challenges and benefits. Increased unemployment led to more opportunistic crimes, and mask-wearing made it more difficult to identify suspects. However, suspects couldn’t move around freely, resulting in increased arrests, while curfew hours also helped in detecting criminal activity more quickly and easily.

The Group appeals to members of the public to report any suspicious or criminal behaviour immediately and anonymously by calling its toll-free number 0800 11 88 79 or by sending an email to service@asesa.co.za.

 

By Ahmore Burger-Smidt and Nyiko Mathebula for Werksmans

President Cyril Ramaphosa has just signed into law the Cybercrimes Bill, which seeks to bring South Africa’s cybersecurity laws in line with the rest of the world. This Bill, which is now an Act of Parliament, creates offences for and criminalises, amongst others, the disclosure of data messages which are harmful.

Examples of such data messages include:

  • Those which incite violence or damage to property;
  • Those which threaten persons with violence or damage to property; and
  • Those which contain an intimate image.

Other offences include cyber fraud, forgery, extortion and theft of incorporeal property. The unlawful and intentional access of a computer system or computer data storage medium is also considered an offence along with the unlawful interception of, or interference with data.

This creates a broad ambit for the application of the Cybercrimes Act which defines “data” as electronic representations of information in any form. It is interesting to note that the Act does not define “cybercrime” but rather creates a number of offences such as those canvassed above.

There is no doubt that the Cybercrimes Act will be of particular importance to electronic communications service providers and financial institutions as it imposes obligations upon them to assist in the investigation of cybercrimes, for example by furnishing a court with certain particulars which may involve the handing over of data or even hardware on application. There is also a reporting duty on electronic communications service providers and financial institutions to report, without undue delay and where feasible, cyber offences within 72 hours of becoming aware of them. A failure to do so may lead to the imposition of a fine not exceeding R50 000.

A person who is convicted of an offence under the Cybercrimes Act is liable to a fine or to imprisonment for a period of up to 15 years or to both a fine and such imprisonment as may be ordered in terms of the offence.

It is further interesting to note the impact this Act will have on businesses, especially considering its overlap with the Protection of Personal Information Act 4 of 2013 (POPIA), amongst other regulatory codes and pieces of legislation. POPIA, which deals with personal information, aims to give effect to the right to privacy by protecting persons against the unlawful processing of personal information. One of the conditions for lawful processing in terms of POPIA is security safeguards, which prescribes that the integrity and confidentiality of personal information must be secured by a person in control of that information. This is prescribed by POPIA in order to prevent loss, damage or unauthorised access to or destruction of personal information. POPIA also creates a reporting duty on persons responsible for processing personal information whereby they must report any unlawful access to personal information (data breach) to the Information Regulator within a reasonable period of time.

In light of the above, companies should be cognisant of their practices especially in dealing with data or information. The value of data as an asset, the oil of the new economy, cannot be understated. To quote the CEO of Apple, Tim Cook:

“We shouldn’t ask our customers to make a trade-off between privacy and security. We need to offer them the best of both. Ultimately, protecting someone else’s data protects all of us.”

By Jan Vermeulen for MyBroadband

A growing number of South Africans are falling victim to online shops that pop up overnight, rake in thousands of rands by offering great deals, and then disappear with the money.

The South African Banking and Risk Information Centre issued a warning ahead of the Black Friday and festive shopping seasons last year, warning South Africans to only shop at reputable online stores.

“Be wary of unfamiliar e-commerce sites, especially if they do not redirect you to confirm your transaction via your bank’s 3D secure page or via your own bank’s mobile app before you pay,” it said.

One such online retailer that appears to have run off with at least R340 000 of people’s money is MrShopper.co.za, Carte Blanche reported on Sunday. MyBroadband assisted with the investigation.

Clients ordered everything from pool cleaner to PlayStation consoles through Mr Shopper, only to be met with delays, excuses, and ultimately silence.

At the time of publication, review aggregator Hello Peter had 1,376 posts about Mr Shopper on its platform, most of them negative and describing that customers did not get the goods they ordered.

Based on the timestamps of the reviews on Hello Peter, Mr Shopper was in business from as early as August 2020 and did initially deliver items that were ordered through its website, albeit extremely slowly.

Early reviewers complained about constant delivery delays and lack of communication from Mr Shopper, but several reported that they did eventually receive their orders. Some complained that their items arrived damaged.

In the lead-up to Black Friday (27 November 2020) the complaints about Mr Shopper started changing — more customers reported that they had not received their orders and that they were struggling to get any feedback.

As of May 2021, 75% of HelloPeter reviews are 1-star reviews, the bulk of which are complaints about orders not being delivered and refunds not being processed as promised.

Mr Shopper responded to some of the reviews on Hello Peter in which customers accuse it of being a scam. In these responses it usually apologised for the inconvenience and stated that it had processed a refund.

However, most of the complaints on Hello Peter do not feature a response from the online store.

MyBroadband has seen a list of complainants which shows that at least 59 people have reported not receiving their orders from Mr Shopper with a combined value of R341,632.45.

Google Street View of Mr Shopper’s listed address — 98 Richards Drive, Halfway House

Carte Blanche and MyBroadband were not the only news outlets to investigate complaints about Mr Shopper. The Devi Show also aired a report about its investigation into the online retailer this past week.

In an interview with one of the neighbouring businesses at Mr Shopper’s published address, the Devi Show reported that the online retailer first occupied its offices at 98 Richards Drive in Midrand during September or October 2020.

“They disappeared in February,” neighbour Dave Lourens told the Devi Show.

According to Lourens, Mr Shopper never used its premises to hold stock and clients who arrived at the address to try and collect their orders were told to wait for their items to be delivered by courier.

The Devi Show also reported that the FNB account used by Mr Shopper was closed, but not before R10 million had flowed through it.

Carte Blanche was able to trace the registration of the Mr Shopper website to a woman called Anelissa Ncamisa.

Initially Ncamisa admitted to Carte Blanche that she was involved with Mr Shopper along with four other people, but in a subsequent interview she denied owning or being involved with the online retailer.

She claimed that her name being linked to Mr Shopper was a case of identity theft.

Complaint about Mr Shopper on Hello Peter

MyBroadband contacted the various email addresses and phone numbers linked to Mr Shopper, including one listed in an Android app that has since been pulled from the Google Play store.

Ncamisa did not respond to our requests for comment. However, we did receive a call back from a man who identified himself as Brian Mawela.

The name “Brian” appears in several of the reviews on Hello Peter. One review mentions him by his full name.

Mawela called MyBroadband in response to a set of questions sent via WhatsApp to a mobile phone number that was listed as belonging to Anelissa Ncamisa.

“I was working for that company [Mr Shopper],” Mawela told MyBroadband. “I actually had a perspective towards the whole thing and I don’t believe that it was actually… I wouldn’t say it was scam.”

Asked why he was calling from a cellphone number listed as belonging to Ncamisa, Mawela said that he doesn’t know who she is and that he received the number from the company.

Asked who owned the company if not Ncamisa, Mawela said that there was a board of directors.

Mawela’s claim that Mr Shopper had a board of directors is curious, as there is no record of the company — let alone a board of directors — in the Companies and Intellectual Property Commission database.

According to Mawela, he worked at Mr Shopper as a sales executive and had been at the company since around the end of 2019. Mawela indicated that he had not been at the company since the beginning, as it had launched in 2017.

This was also a curious statement from Mawela, as the earliest record of the existence of Mr Shopper’s online portal is February 2020. The company’s social media accounts were also only created in 2020.

Disregarding these inconsistencies for the moment, Mawela said that Mr Shopper came under a lot of pressure after a website crash on Black Friday 2020. The company failed to contain this pressure, causing a substantial backlog that landed it in a “huge predicament”.

Mawela said that Mr Shopper was slowly clearing its backlog and dealing with customer complaints on Hello Peter, but then Afrihost blocked its domain and cut the company off from important client information.

“We ended up not having access to information — who was refunded, who was owed [what],” stated Mawela.

“At that point it really started to go bad.”

Mawela said that a single customer complaint to its web hosting provider, Afrihost, caused Mr Shopper to be taken down.

After the complaint was resolved and the customer refunded, Afrihost did not reinstate Mr Shopper’s domain, Mawela stated.

The customer who lodged the complaint with Afrihost disputed this version of events, saying that they were never refunded.

MyBroadband contacted Afrihost to find out why the Mr Shopper website was taken down, and the hosting provider said it was suspended for non-payment.

This presents another curious contradiction — considering that Mr Shopper’s website was essential for the company’s survival, why not simply pay its hosting bill?

Mawela said that he would forward our questions “up the chain” to the Mr Shopper board of directors, but we never received any further feedback from the company.

 

According to a recent Business Tech article, businesses are often unaware that by giving a third party or software programmes access to their financial information, they are potentially being exposed to the risk of screen scraping. This is a data gathering technique that tricks users into providing internet banking login details to a third-party website.

  • The third party logs on to your Internet banking using your details. This exposes you to potential risks of fraud, financial crime and data privacy breaches
  • There are risks associated with instant online EFT (electronic fund transaction) payments
  • There are risks for businesses that sign over authority to a third party to access their banking and client information
  • The most common screen scraping from a business perspective would be when businesses use software that is authorised to access banking transactions.
  • This may also leave your business vulnerable to third parties accessing your company data and even that of your clients.
  • Companies that use screen scraping to facilitate transactions on your behalf may have no intention of compromising your account or committing fraud, but the risk remains.

FNB: how to protect your company data

  • Be vigilant when it comes to reading through any terms and conditions on any software or website before you click “accept”.
  • Make use of an application security testing tool before you sign any agreements authorising access to your company data.
  • Cloud-based software is not without its own risks. Insist on having both testing and sandbox environments, providing analysis for security gaps.
  • Find out from your third-party software vendors if they use open-source tools in their product. How they deal with open source can be a high risk if not done properly.
  • Do not share login credentials with any third parties and never enter these into any third-party websites; use only your own bank’s legitimate platforms.

Beware of this banking scam

The Ombudsman for Banking Services (OBS) says it continues to receive complaints on a daily basis from consumers who were deceived into providing confidential banking information to fraudsters.

  • The OBS recorded more than 640 new fraud complaints
  • A bank customer will receive a phone call from someone who says they are from the customer’s bank
  • The customer is informed that funds have been fraudulently taken from their account or that they (the bank representative) are helping the customer to claim from a rewards program that is offered by the bank. For this to take place, the customer needs to confirm their details so that the funds can be credited to their account.
  • Alternatively, customers are told that they need to act quickly and urgently, as fraudsters “are about to take funds out of their account, but this can be stopped, if they act quickly and co-operate”
  • The fraudster already has the customer’s phone number (he/she is calling the customer) and may have a host of other personal information at his/her fingertips. This includes addresses, ID numbers, other contact details, email addresses, employment details, or, NB, even a customer’s bank card number.
  • The customer is asked to update or verify their details, possibly on their cell phone.
  • The customer is then requested to provide everything required to access their bank account, such as card details, the card’s PIN, transaction OTPs, and mobile or internet banking passwords. The fraudster says that this is necessary for them to assist the customer, to redeem the rewards, to do a transaction, stop a fraudulent payment, or recover the stolen money.
  • Once the customer has provided the requested details, their accounts are emptied.
  • This scam is devastating to elderly citizens and pensioners
  • It is not possible to recover any of the funds which have disappeared
  • Unless the money is stolen at the bank or lost through the fault of an employee or a technological glitch at the bank, it is ultimately up to consumers to do all they can to protect themselves by staying informed about banking scams

Source: IOL

Security researchers have found that phishing emails are more likely to originate from certain countries in parts of Eastern Europe, Central America, the Middle East, and Africa.

The country where emails originate and the number of countries they are routed through on the way to their final destination offer important warning signs of phishing attacks.

For the study, researchers at cloud-enabled security solutions provider Barracuda Networks teamed up with Columbia University researchers.

They examined the geolocation and network infrastructure across more than two billion emails, including 218,000 phishing emails sent in the month of January 2020.

In phishing attacks, attackers use social engineering tactics to lure victims into providing personal information such as usernames, passwords, credit card numbers, or banking information.

Thus, to detect such attacks, the entire focus should be on the content of phishing emails and the behaviour of attackers.

As phishing attacks become more complex, increasingly sophisticated methods are required to defend against them.

After analysing the geography of phishing emails and how they are being routed, Barracuda researchers identified that over 80 per cent of benign emails are routed through two or fewer countries, while just over 60 per cent of phishing emails are routed through two or fewer countries.

Senders that produce a higher volume of phishing emails (more than 1,000 emails in the dataset) with a higher probability of phishing originated from countries or territories including (in descending order) Lithuania, Latvia, Serbia, Ukraine, Russia, Bahamas, Puerto Rico, Colombia, Iran, Palestine and Kazakhstan, said the study.

These are some of the territories from where senders produce a higher volume of phishing emails with a higher probability of phishing.

“With phishing attacks expected to play a dominant role in the digital threat landscape and cybercriminals adjusting their tactics to bypass email gateways and spam filters, it’s crucial to have a solution that detects and protects against spear-phishing attacks, including brand impersonation, business email compromise, and email account takeover,” Murali Urs, Country Manager of Barracuda India, said in a statement.

“Deploy a solution that doesn’t rely on malicious links or attachments but uses machine learning to analyse normal communication patterns within an organisation to spot anomalies that may indicate an attack.”

Meanwhile, employees should be provided up-to-date awareness training for recognising attacks and knowing how to report them to IT right away, Barracuda Networks said.

 

By Loyiso Sidimba for IOL

The Labour Court has ordered the dismissal of an employee who refused to self-isolate and continued working despite testing positive for Covid-19.

Labour Court Judge Edwin Tlhotlhalemaje overturned the Commission for Conciliation, Mediation and Arbitration’s (CCMA) decision to hand Eskort assistant butchery manager Stuurman Mogotsi a final written warning.

Mogotsi was found guilty in the internal disciplinary process and fired in September last year.

However, after referring an unfair dismissal case to the CCMA he was handed a final written warning and reinstated.

Eskort approached the Labour Court to challenge the CCMA ruling.

The CCMA had found that Eskort’s disciplinary code and procedure called for a final written warning in such cases and failed to justify the sanction of dismissal and ruled that Mogotsi must be reinstated retrospectively, without back-pay and given a final written warning.

On March 18, Judge Tlhotlhalemaje reviewed and set aside the CCMA award and substituted the ruling with an order that Mogotsi’s dismissal was substantively fair.

Mogotsi had been found guilty of gross negligence in that after receiving his Covid-19 test results, which were positive, he had failed to self-isolate, continued working for three days and put the lives of his colleagues at risk.

In the three days he continued working after testing positive for Covid-19 he failed to follow workplace health and safety protocols and to adhere to social distancing and personally came to work to hand in a copy of his results.

Judge Tlhotlhalemaje described Mogotsi’s actions of not informing his employer about his results, hugging fellow employees, walking around his workplace without a mask as extremely irresponsible in the context of the Covid-19 pandemic, and therefore grossly negligent.

“For reasons which are clearly incomprehensible, Mogotsi had through his care-free conduct, placed everyone he had been in contact with whether at the workplace or at his residence at great risks,” reads Judge Tlhotlhalemaje’s ruling, for which he delivered reasons on March 28.

In his defence, Mogotsi claimed he did not know that he needed to self-isolate, despite being a member of the in-house Coronavirus site committee.

After testing positive Mogotsi was found hugging a fellow employee who had undergone a heart operation five years earlier and had recently experienced post-surgery complications.

“In the midst of all the monumental harm he had caused, and which was clearly foreseen, Mogotsi could only come up with the now often used defence that he was victimised. At no point did he show any form of contrition for his conduct,” Judge Tlhotlhalemaje found, adding that Mogotsi was not only grossly negligent and reckless, but also dishonest.

The judge described the facts of the case as “indeed extraordinary”.

 

Source: OFM

More than 40% of victims of ransomware attacks in South Africa pay the cybercriminals responsible to try to secure or recover their data. But in many cases, the crooks simply disappear with the money.

This is according to a new report from security firm Kaspersky, which said 42% of local ransomware victims coughed up money to recover their data.

Whether they paid or not, only 24% of victims were able to restore all their encrypted or blocked files following an attack. Sixty-one percent lost at least some files; 32% lost a significant amount; and 29% lost a small number of files. Meanwhile, 11% who did experience such an incident lost almost all their data, Kaspersky said.

According to TechCentral, Marina Titova, head of consumer product marketing at Kaspersky, said handing over money doesn’t guarantee the return of data, and only encourages cybercriminals to continue the practice. Kaspersky always recommends that those affected by ransomware should not pay, as that money helps this scheme to thrive.


My Office News Ⓒ 2017 - Designed by A Collective

