Source: ITWeb

In 2020, Kaspersky detected a global average of 360 000 new malicious files each day, an increase of 5.2%, or 18 000 more, compared to the year before.

According to the security giant, this was influenced largely by a significant growth in the number of Trojans and backdoors, with a 40.5% and 23% increase respectively.

These were the findings of the Kaspersky Security Bulletin: Statistics of the Year Report.

Adware declines
On the plus side, adware is on the decline globally, and this scourge experienced a 35% decrease when compared to the previous year. However, not all regions were so lucky, with some noting an increase. In SA, for example, by the end of October last year, the average adware notifications per user increased slightly to over 33 in comparison to 32 for the whole of 2019.

It was also expected that for the duration of 2020, more than 256 000 South Africans would have been hit with adware.

The vast majority of malware detected, nearly 90%, occurred via Windows PE files – a file format specific to Windows operating systems. Concurrently, the number of new malware related to Android operating systems dropped by 13.7%.

Capitalising on remote workers
Given that remote working and studying were the order of the day during the pandemic, most likely on computers and laptops, threat actors seem to have shifted their focus to these devices.

Kaspersky saw a 27% increase in the number of different scripts – sent via malicious e-mail campaigns or encountered on infected Web sites, which could, once again, reflect the fact that people spent more time on the Internet and cyber criminals hoped to capitalise on that.

Denis Staforkin, a security expert at Kaspersky, said the rise in the number of malicious objects detected during 2020 can be attributed to the pandemic, as users across the globe were forced to spend more time on their devices and online.

“It’s hard to know whether or not attackers were more active or our solutions detected more malicious files simply because of greater activity. It could be a combination of both. Either way, we have registered a noticeable increase in the number of new malicious files in 2020, and this will most likely continue in 2021 as employees continue to work from home and countries implement different restrictions. However, if users take basic security precautions, they can significantly lower their risk of encountering them,” he says.

Better than cure
In order to stay protected, Kaspersky recommends that users pay close attention to and don’t open any suspicious files or attachments received from unknown sources. Also, the company advises to double-check the URL format and company name spelling before you download anything, to not download and install applications from untrusted sources, or click on any links received from unknown sources and suspicious online advertisements.

“Create strong and unique passwords, including a mix of lower-case and upper-case letters, numbers and punctuation, and activate two-factor authentication. Also, always install updates. Some of them may contain critical security issues fixes.”

Finally, Kaspersky counsels to ignore messages asking to disable security systems for office software or antivirus software, and to always use a robust security solution appropriate to the system type and devices.

 

By Johan Scheepers, country head at Commvault South Africa

The Covid-19 pandemic forced many businesses to swiftly adapt to a digital world. Working from home is set to become the ‘new normal’ for many workers who previously went into a corporate office environment. But protecting businesses from the effects of the pandemic goes beyond simply keeping employees safe and healthy. In addition to driving a growing Work From Home (WFH) movement, the rapid digital shift also sent cybercrime into overdrive. Businesses that do not prioritise data management in this digital world place themselves at a serious risk of security and compliance issues.

Data governance has not changed

Although the physical boundaries of many organisations have shifted to include a remote workforce, the policies around data governance and data protection have not changed. In fact, it is important to be more vigilant than ever, and actively work to extend these policies and processes to the edge.

WFH makes data more vulnerable, because of the many new toolsets it introduces as well as the potential for data to be stored in unsanctioned locations and on unsecured devices. Collaboration tools by their nature require the sharing of data, which can create a sensitive data risk if these tools are not brought into the data management strategy. Remote workers may also be saving sensitive files on the endpoint devices, which further complicates data governance. Endpoints are one of the biggest data risks, especially when it comes to highly targeted spear phishing attacks.

Access and permissions need to be managed

WFH highlights the risk of data access and permission – for example, a person may download a file, and then email it to their personal account, save it on their laptop and then send it to colleagues for comment. This generates multiple versions of files that may contain sensitive information. In turn, this not only creates additional vulnerabilities, but makes compliance with the Protection of Personal Information Act (PoPIA) and other data protection legislation like the General Data Protection Regulation (GDPR) practically impossible.

Organisations need to be able to identify sensitive data as well as whether or not employees actually need to be able to access it. It is also important to put policies in place around what can be done with the data if it is permissible to access it. Should employees be able to download it? Where should they be able to save it? How should they be permitted to share it? This is crucial for governance as well as compliance purposes.

On the hotlist

Security and compliance are always essential, but even more so in the current climate. South Africa is a hot target at present, and many large organisations have been hit with ransomware in recent times. Security is obviously paramount, but alongside it is the need to educate users about security risks. An organisation’s network is like an egg – the shell is tough, but once it is penetrated the insides are an easy target. The WFH movement has simply increased the attack surface, or the soft part of the egg, and bad actors are using this to their benefit to speed up ransomware attacks.

Compliance regulations enforce the protection of company data by law, but the reality is that data management is necessary and even beneficial, even without the risk of fines and reputational damage. Data protection itself has come a long way over the years and is now offered as a service that runs seamlessly in the background, so it is not an invasive practice. This needs to be combined with a single, cohesive view of data across the organisation, to improve efficiency and mitigate risk.

At the edge

The edge is the most vulnerable point of any network, and with the edge now extended into homes and remote offices, data management is key. This multi-cloud hybrid environment means that data is scattered across locations, so a proper toolset to provide a single view of risk is paramount. If you cannot see your data, you cannot manage it. It is essential to identify data, understand where you are at risk and what your exposure is, and know how to apply regulations to ensure adherence and compliance. Preventing the pandemic from affecting your business is about more than social distance – you need to look after your data as well.

 

Source: MyBroadband

The person behind the recent Absa data breach was a credit analyst at the bank who had access to risk modelling systems and sensitive client information.

The employee, who Absa said they trusted, leaked the client data to an external platform and then sold it to third parties.

This is feedback from Absa chief security officer Sandro Bucchianeri, who was speaking to ENCA about the data breach.

Bucchianeri first learned about the data breach on 27 October, after which they informed the Information Regulator about it.

Around a month after first being alerted to the data breach, Absa sent an email to affected clients warning them that their personal information had been shared with third parties.

He said the communication with customers was delayed to ensure they did not compromise the investigation, which was going through a court process at the time.

To date, Absa has not provided much detail about the number of clients affected and the person behind the leak, but Bucchianeri has now shed more light on the issue.

He said the Absa credit analyst sold private information about their retail banking clients to third parties.

While Bucchianeri could not divulge who these third parties were, he said they were from a “marketing type perspective who were looking for that type of information”.

“They may use the information to sell services or try to commit fraud on these accounts,” he said.

This employee has subsequently been suspended pending further information. Absa has also brought criminal charges against the employee, and these are playing out in the courts now.

Bucchianeri said the information which was leaked included bank account numbers, names and surnames, ID numbers, and contact details.

He added that the details of around 200,000 of their retail banking customers have been compromised.

Absa has now destroyed the leaked data and the external party devices have gone through an independent forensic review.

“We are in the process now to obtain the files for our own investigation,” said Bucchianeri.

He said Absa may also bring charges against the third parties who had access to the leaked data.

Following the data breach, Absa has implemented heightened monitoring on all the clients’ accounts who were leaked.

 

 

Absa suffers data breach

By Dhivana Rajgopaul for IOL

Absa has laid criminal charges against the employee behind the data breach that resulted in clients’ personal information being leaked to third parties.

“Absa has brought criminal charges against the employee, and internally the requisite consequence management has been undertaken. Absa may take further action in relation to the recipients of the data once the full scope of the leak is identified and all investigations are completed,” said the bank in a statement.

According to the bank, an employee unlawfully made customer data available to external parties.

Absa warned the affected clients through an email on November 30 which informed them their personal information had been shared with external parties.

Absa said a “small portion” of clients’ personal information was leaked, but investigations would continue.

The personal information of clients that was shared with third parties includes identity numbers, account numbers, contact details and physical address.

The bank also secured an order from the High Court to carry out search and seizure operations and secured the devices that contained the data.

According to Absa, the data on the devices was destroyed.

The bank said it would contact customers who were affected by the data breach about potentially suspicious transactions.

It has also enhanced the monitoring of customer accounts that have been affected to date as well as put in place additional control measures to minimise the risk of re-occurrence in future.

 

Source: Telecom Paper

Vodacom South Africa says it has spent R1-billion on batteries over the last six months to ensure its network stayed up during loadshedding, MyBroadband reported.

Vodacom CEO Shameel Joosub said the power outages this year forced the operator to increase its back-up power investment.

South Africa suffered the worst ever load-shedding in 2020, with total gigawatt-hours shed surpassing the 2019 record in August. In September, the cumulative load-shedding for 2020 was already 23% worse than the whole of 2019.

To create a robust mobile network, Vodacom directed 20 percent of its R5-billion capital expenditure over the last six months towards back-up power.

To buy and install new batteries at mobile sites is only part of the challenge as criminals are wrecking mobile networks to get their hands on the batteries, which are then sold on the black market.

Joosub said Vodacom is losing around R150-million per year because of battery theft, which is an ongoing battle.

 

By Ben Gilbert for Business Insider US

As the coronavirus pandemic continues around the world, some people are turning to an emerging black market for fake negative test results.

In France, at Paris’ Charles de Gaulle Airport in September, a group of seven people were arrested for selling falsified digital certificates intended to prove negative coronavirus results, the AP reported last week. The group was discovered following an investigation sparked by a traveler leaving France for Ethiopia. The traveler reportedly had a fake digital certificate that claimed they tested negative for the virus.

The group in Paris was reportedly selling the fake test results for $180 (R2,800) to $360 (R5,600) apiece.

In another case, in late October, a group of travelers in Brazil was found with falsified negative test results in an attempt to enter the Fernando de Noronha island group, the AP reported.

Rather than buying fake test results, the group is accused of altering their own results.

In yet another case, in the UK, several gentleman told The Lancashire Telegraph that they had doctored the results of friends’ tests in order to travel. “You can simply get their negative test and change the name and birth date to your own. You also put a test date on which is within the time limit required,” the unnamed man said. “You download the email, change it and then print it.”

Coronavirus diagnoses and deaths continue to climb around the world, and the pandemic has seen a resurgence in recent months in North America and Europe, according to the World Health Organisation. As of November 12, the virus has killed more than 1.2 million people and infected over 51 million people around the globe.

 

Matric Mathematics Paper 2 leaked

By Zodidi Dano for IOL

The Matric Mathematics Paper 2 set for the Class of 2020 has been leaked, the Department of Education (DBE) announced.

“Initial indications are that the paper became available in the early parts of Monday morning, hours before the paper could be written.

’’The origins of the leak are not clear as yet but the matric candidates who had access to the question paper appear to be located in the Limpopo and Gauteng provinces,” the DBE statement said.

Mathematics Paper 2 was scheduled to be written on Monday at 9am. The exam was to be three-hours long.

According to the DBE, the leaked paper was verified and the contents of it was found to be the same as the question paper that was to be written at 9am.

“The Department of Basic Education is investigating the matter to establish the extent of the leak.”

The DBE said initial probing pointed to a few pupils in the two provinces, Gauteng and Limpopo.

The investigating team is gathering evidence and a report will be submitted shortly. The department said it would enlist the support of the Law Enforcement Agencies to assist with the investigation.

“The Department will investigate this matter fully and thoroughly and will utilise the mechanisms it has at its disposal which are part of the examination protocol to identify learners that may have had access to the paper,” the statement read.

The department also appealed to the Class of 2020 and all other candidates to remain focused on the examination papers that are still to be written and be assured that the culprits that are at the centre of the “despicable act will be dealt with harshly”.

Those with information are urged to contact the Department of Basic Education.

 

Source: MyBroadband 

South Africa’s driving licence renewal system continues to frustrate motorists, and “something sinister” may be behind some of the problems.

This is according to Jacob Mamabolo, Gauteng MEC for public transport and roads infrastructure, who was speaking to ENCA about the problems.

Many South Africans are trying to renew their driving licences which expired during the lockdown when the renewal centres were closed.

The Department of Transport published a directive to address the backlog in driver’s licence renewals to offer motorists a grace period.

All driving licence cards that expired between 26 March 2020 and including 31 August 2020 are now valid for a period ending on 31 January 2021.

This grace period gives motorists some relief, but it has also created a backlog in renewals which are now challenging to resolve.

The fact that driving licences which expired after 31 August do not enjoy the same grace period is putting further strain on the system.

The driving licence renewal problems are so severe that the Automobile Association (AA) has called for urgent changes to the process.

The AA has also called for an immediate moratorium on fining motorists without renewed driving licences.

“It’s an absurd situation where motorists cannot renew their discs or cards and are then stopped and fined for not having done so,” the AA said.

The Organisation Undoing Tax Abuse (OUTA) wants Transport Minister Fikile Mbalula to change the driver’s licence validity period from five to 10 years.

“This should save the SA consumer and government time and money as well as improve the administration and manageability of the renewal process by the state,” it said.

It also asked for a more efficient online application process for driver’s licence renewals which precedes the actual renewal.

This, OUTA said, will allow for more effective service delivery and flow between the appointment, eye test, and licence delivery.

Something sinister
There is an even bigger concern related to the driving licence renewal system – government officials who hijack the system.

Mamabolo said the online booking system is a big frustration to motorists trying to renew their licences.

The government has subsequently analysed the data, revealing that there is a problem with how officials are managing and handling the allocation of slots.

He said many slots are allocated to services like new driver’s licence applications, but not to drivers’ licence renewals.

“That tells you that the way the officials are allocating slots on the system is not correct as it makes them underperform in renewals,” he said.

He said they are now investigating why officials are deliberately allocating more slots for new driver’s licences.

He dismissed speculation that bad training may be behind the problem, saying it reveals something far more worrying and sinister.

While not directly mentioning corruption, Mamabolo hinted at something “dodgy” going on at driving licence testing centres (DLTCs).

“We need to investigate and check whether there is something sinister to the trend of lower driving licence renewals,” he said.

Most DLTCs are under the control of municipalities, and Mamabolo will now discuss the issue with the respective mayors at these municipalities.

Steps to resolve the problem
Mamabolo assured motorists that they are acting to resolve the problems with driving licence renewals, which include:

Issuing a directive to increase the allocation of driving licence renewal slots.
Commissioning an investigation into potential corruption in the allocation of slots.
Looking at increasing the number DLTCs and explore other options like using mobile facilities.
“What the people are going through is definitely unacceptable,” Mamabolo said.

 

By Bradley Prior for MyBroadband

Old Mutual has confirmed that a portion of its customers have been signed up to its policies without their permission.

This follows a reader telling MyBroadband that they had been subscribed to, and had been billed for, two different policies for which they had never signed up.

The reader, who is a teacher employed by the government, said five of their coworkers had been affected by similar issues over the past few years, and was aware of more teachers working elsewhere who had also been affected.

The reader had been billed for thousands of rand over nearly a year-long period. One of the policies was with Old Mutual and had been billed since November 2019, while the other was with Emerald Life and had been billed since April 2020.

The reason the reader only picked up on this issue many months after it had begun is that they do not get regular payslips from their state employer.

Old Mutual finds the problem
MyBroadband brought the matter to Old Mutual’s attention, and it investigated the situation.

Upon the conclusion of this investigation, Old Mutual told MyBroadband that there was indeed foul play at work.

“Our investigations identified individuals that had been signed up for Old Mutual policies without their consent,” said Old Mutual.

“The implicated parties have subsequently been dismissed and barred from conducting intermediary work.”

Old Mutual also confirmed that it cancels policies that are found to have been opened unlawfully and refunds customers in these cases.

Old Mutual told MyBroadband that the parties in question were independent broker agents who were licensed under the FSCA and accredited to sell Old Mutual products.

Following Old Mutual confirming the problem, the reader told MyBroadband that they were compensated for the full amount lost due to this fraud from November 2019 to October 2020, as well as an additional R500.

Old Mutual fighting fraud
Old Mutual noted that fraud and identity theft are an industry-wide issue, and said it “investigates promptly” and “takes decisive action” in such cases.

“Old Mutual is working with the Provincial Treasury Anti-Fraud Unit and the SAPS Commercial Fraud and Statutory Investigations Unit to gain insight into identifying such incidents earlier, more frequently and accurately. We also conduct regular Fraud Awareness training and engagements with employees,” it explained.

“Old Mutual has a zero-tolerance attitude towards Financial Crime and we take appropriate action against any employee or agent implicated in fraud.”

It also noted that it runs consumer education campaigns to ensure the public is aware of how this fraud can happen and encouraged customers to stay vigilant.

“We have consumer education campaigns to make the public aware of this type of fraud and encourage customers to remain vigilant.”

How to protect yourself against fraud
Old Mutual noted that its campaigns to educate the public on this type of fraud includes encouraging its customers to review their payslips and bank statements on a continuous basis.

This will help them to find and report any transactions that they deem to be suspect.

If they detect such deductions, Old Mutual said customers should contact them in one of the following ways:

  • Email: Complaintadmin@oldmutual.com
  • Call MFC Servicing Call Centre: 0860 607 000
  • Visit any Old Mutual retail branch

When work WhatsApps cross the line

Almost all of us belong to some kind of WhatsApp or other group chat for work purposes. However, cyber sexual harassment in the new world of work is becoming an increasing threat, says Phetheni Nkuna of Cliffe Decker Hoffmeyer.

Group and individual chats may become an uncomfortable – and litigious – place.

Inappropriate messages sent between employees include:

  • Repeatedly texting a co-worker to ask them out
  • Making fun of a person (body shaming) in a group email or WhatsApp group chat
  • Posting or sending a sexually offensive meme to a workplace collaboration app (Slack, Google Hangouts), WhatsApp, Teams, Zoom or email
  • Posting or sending a lewd and/or sexually offensive GIF (Graphics Interchange Format)
  • Sharing personally identifying information about someone, either to embarrass/humiliate them, or cause them to fear for their safety, with sexual undertones
  • Quid pro quo sexual harassment – sex for jobs, benefits or some other benefit.

Employers are liable

Nkuna said that sexual harassment is covered by a number of pieces of legislation in South Africa, including section 6 of the Employment Equity Act which defines sexual harassment as a form of discrimination.

Employers should:

  • Take all reasonable and practical steps to ensure that employees do not commit any act of sexual harassment
  • Provide safe and healthy working environment. Confirmed in J v M Ltd [1989] 10 ILJ 755 (IC) that employers have a duty to ensure that employees are not subject to any form of sexual harassment
  • Beware that employees may sue an employer as a result of allegations that the employer did not deal with sexual harassment complaints in a proper fashion

 

Follow us on social media: 

               

View our magazine archives: 

                       


My Office News Ⓒ 2017 - Designed by A Collective


SUBSCRIBE TO OUR NEWSLETTER
Top