SA’s huge Windows piracy problem

By Bradley Prior for MyBroadband

Only a third of PCs being shipped to Africa include genuine software, which is a reason for the increase in data breaches and malware attacks in the region.

This is according to Deniz Ozen, regional general manager for consumer and device sales at Microsoft Middle East and Africa.

Ozen said that this has resulted in the loss of important data and decreased productivity on the continent.

Benefits of legal software for Africa
“Africa’s emerging market potential is unparalleled and business development and the growth of existing SME’s remains a key focus across the continent,” Microsoft said in a statement.

“To tap into this potential growth, access to affordable genuine software and hardware is necessary if the digital divide is to be closed.”

Microsoft believes that access to genuine software ensures comprehensive security for devices and data, making legitimate software important to the long-term success of businesses.

The same applies to students who rely heavily on access to devices, software and information to complete their required tasks and projects.

Fixing the piracy problem
The Software Alliance said in its June 2018 report that the overall rate of pirated software in the Middle East and Africa region stood at 56%.

“Pirated software is often installed without the end user’s knowledge, and it is those users who suffer the consequences including lost data and unusable PCs,” said Microsoft.

Microsoft EMEA VP of consumer and device sales Bradley Hopkinson told MyBroadband in October that Microsoft has various measures in place to fight piracy in South Africa and in Africa as a whole.

“We have come up with a programme called the Africa Coverage Programme, which is an affordability programme with our multinational partners,” said Hopkinson.

“Effectively, it is a programme that we believe will address affordability, and at the same time we need to drive awareness for the value of genuine software, which we will do as part of that programme.”

Microsoft has also launched its Windows PC Affordability in Africa Initiative, which aims to reduce the prevalence of Microsoft software piracy in the African market.

“Through the Windows PC Affordability in Africa Initiative, we aim to educate consumers on the risks of using pirated software, and to work with our PC ecosystem partners including Acer, ASUS, Dell, Intel, Lenovo, Mustek and SMD to make Genuine Windows 10 PCs more affordable across Africa,” said Hopkinson.

“We have high aspirations to bring piracy almost to zero across Africa. We see a world across Africa where we can get genuine Windows in excess of 80% and even higher, and that is also based on the success we’ve seen through similar programmes in other emerging markets.”

Source: Fin24

An infamous Russian-speaking hacking group – referred to as Silence – is the likely culprit making thousands of attempts to hack major banks in sub-Saharan Africa, cybersecurity company Kaspersky Labs said on Monday.

The group is called Silence because of the silent monitoring done via their malware. They have already carried out a number of successful campaigns targeting banks and financial organisations around the globe.

According to Kaspersky, the typical scenario of an attack begins with a social engineering scheme, as attackers send a phishing e-mail that contains malware to a bank employee.

From there, the malware gets inside the banks’ security perimeter and lays low for a while, gathering information on the victim organisation by capturing screenshots and making video recordings of the day-to-day activity on the infected device.

“Once attackers are ready to take action, they activate all capabilities of the malware and cash out using, for example, ATMs. The score sometimes reaches millions of dollars,” says Kaspersky.

“The attacks detected began in the first week of January 2020 and indicated that the threat actors are about to begin the final stage of their operation and cash out the funds. To date, the attacks are ongoing and persist in targeting large banks in several SSA countries.”

Kaspersky accordingly advises financial organisations to introduce basic security awareness training for all employees so that they can better distinguish phishing attempts. Banks should also monitor activity in enterprise information systems and prepare an incident response plan to be ready for potential incidents in the network environment.

In August 2019 Kaspersky reported a cyber attack in which South Africa was apparently among 17 countries targeted by North Korean hackers, related to the activity of the so-called Lazarus group. They also targeted banks and other financial institutions.

By Phillip de Wet for Business Insider SA

Scammers are separating helpful South Africans from their money in what appears to be a wave of fraud that relies on hijacking WhatsApp accounts – and then simply asking for money.

The scammers first take control of a victim’s phone number, usually by porting the number to a new service provider, and so associating it with a SIM card under their control. That allows them to receive confirmatory SMSes from WhatsApp, and so take control of an existing account, while the now-offline victim is none the wiser.

Now able to impersonate the victim, the scammers access the phone numbers of friends and acquaintances, in many instances seemingly just waiting for incoming messages, or by way of WhatsApp groups to which the victim belongs. Then they simply ask for money.

Number porting has in the past often been used to intercept one-time PIN (OTP) numbers – but that requirers scammers to have control of bank accounts, either by skimming credit card information or stealing login details for online banking.

In the current wave of scams, the attackers do not need such access. Friends of victims are asked to send money via services such as First National Bank’s eWallet, which sends the code required to withdraw money from an ATM via SMS – with the cash immediately available.

As of Wednesday it was not yet clear how widespread the new scam was, with network operators saying they were detecting only a small number of fraudulent attempts to port numbers – while many people said they were receiving worrying notifications, or had already seen their friends approached for money.

Here’s how to protect yourself against both sides of the latest WhatsApp hijacking scam.

Turn on security notifications in WhatsApp.
WhatsApp security code settings
WhatsApp will alert you when a contact changes their phones – if you let it. For those in many big WhatsApp groups – with people who like to switch phones – the constant messages that a contact’s “security code has changed” can becoming annoying, so some people turn it off.

If you are one of those people, turn those notifications back on by going to “settings”, then selecting “account”, and from there “security”.

Should a “friend” ask for money shortly after their security code changes, be extremely suspicious.

Don’t ignore porting SMSes.
Cellphone companies will send out notification, by SMS, before porting a number – but will consider no response as permission. If you receive an SMS that warns your number is to be ported, do not ignore it.

If you are worried that message might be a scam in itself, phone your network provider on the usual service number.

Don’t turn off your phone if you’re getting annoying calls.
Some victims of porting say they were bombarded by annoying phone calls before their numbers were hijacked. The idea behind constantly ringing your number is to make you turn off your phone – so that you won’t receive porting notifications, and won’t notice you have suddenly been kicked off the network.

If someone keeps phoning then putting down the phone before you can answer, or you keep receiving calls with nobody on the other side, assume you are being scammed, and rather put your phone on silent while watching out for SMSes.

Don’t ignore a loss of cellphone signal.
If your phone suddenly won’t connect to your mobile network – and you aren’t in the middle of nowhere, or in an area being load-shed – assume your number is being hijacked, and get in touch with your network service provider as soon as possible.

Don’t register a new WhatsApp account if you change phone numbers, update your number instead.
Some victims of WhatsApp identity fraud believe they were impersonated after their former, abandoned cellphone numbers were recycled by network operators.

If you are switching numbers and want to be sure nobody can pretend to be you in future, you can change the phone number associated with your WhatsApp account.

If you really care about your security, enable the PIN function on WhatsApp.
WhatsApp 2-step verification
For ultimate protection, you can create a six-digit PIN number in WhatsApp, without which it should be impossible to register on the service – so that no number-porting scam or other mechanism will let someone steal your identity.

There is no better way to protect yourself, but this two-step verification measure comes with a couple of caveats. If you do not associate an email address with that PIN, or lose access to the email address you register, you are in deep trouble if you ever forget your PIN. Also, WhatsApp will from time to time demand the number from you, which could get annoying.

The PIN activation is under “settings”, “account”, and then “two step verification”.

Five DStv scams to avoid this Christmas

By Tom Head for The South African

If you’re a subscriber to the network, take note. At least five major DStv scams have been identified this year: here’s how to play it safe.

‘Tis the season to be cautious, folks. There are a myriad of DStv scams waiting to trip-up some unsuspecting victims this Christmas. The network have confirmed that a number of schemes have already been detected, and bosses have raced to warn South Africans about the dangers they face.

It isn’t just the technophobes and boomers that are getting duped by the sophisticated rouses, either. These DStv scams have caught-out people across the board. But what do we need to look out for?

The gift card phishing scam
Customers receive an email informing them that they’ve won a cash gift card or huge sums of prize money from a MultiChoice competition. However, targets are then asked to provide personal details in order to claim the prize. It’ll be for a competition you definitely didn’t enter, so please, don’t hand any of your information out.

The “final notice” SMS scam
Some DStv customers have received an SMS claiming to be from DStv demanding payment for a DStv Explora account. It threatens action if payment is not made today and includes banking details. However, the network do not send such crudely-worded communications. You can contact them to find out the status of your account if you feel unsure.

Recruiting for social media jobs
There are dangerous scams disguised as recruitment ads for MultiChoice. One of the most popular ones offers applicants the chance to be driven to an interview. MultiChoice does not offer such a service, under any circumstances. Use the Afrizan website to verify any offers.

The DStv Premiem upgrade scam
Opportunists are contacting customers – via email or telephone- and offering them DStv Premium for a fixed once-off fee per yea, where the customer pays the fee directly to the scammer. Customers are asked to disregard such offers, and they are asked to refrain from letting a third-party upgrade an account for them.

Say no to installation offers
Don’t let your desire for a festive bargain cloud your common sense. If someone offers you a discounted DStv subscription at a once off payment, treat this with suspicion and check it with the network. Anyone offering “free package upgrades” or “free DStv for life” in a cut-price deal will be trying to rip you off.

How to avoid these DStv scams
The network have issued the following statement, advising consumers on how they can stay safe this year:

“There are usually tell-tale signs that can help you spot if something is a scam. Like receiving an email or SMS from us claiming that you’ve won a huge prize for a DStv competition you never entered, and for which you must either pay a fee or verify yourself by sending personal details – sounds too good to be true? It probably is.”

“MultiChoice will never request your personal details via email or SMS – please do not hand over your personal information to anyone claiming to be from DStv. Always check the email address and emails containing spelling and grammatical errors. MultiChoice only use one domain for emails (multichoice.co.za).”

By Aaron Holmes for Business Insider US

The most effective way to protect yourself against hackers is to build good password habits, experts say.

Cybersecurity experts shared straightforward tips with Business Insider that can make it exponentially harder for hackers to break into your account.

There’s no reason that your password should be a single word – a “passphrase” consisting of multiple words is much safer.

If your password is one word, you’re doing it wrong – it’s time to upgrade to a multi-word “passphrase.”

Password strength is one of the most important pieces of online security. The vast majority of hacks result from phishing – the act of guessing users’ login credentials based on information gleaned from messages and online profiles – which stems from human error and is easily preventable.

Hackers are also developing increasingly sophisticated methods to track and exchange peoples’ passwords, making preventative action all the more crucial.

Business Insider spoke to cybersecurity experts, who outlined simple steps users can take to make sure their online accounts are secure. Here’s what they recommend.

“‘Password’ is a bit of a misnomer. What you should actually be using is a passphrase,” says Kiersten Todt, managing director of the Cyber Readiness Institute and a former cybersecurity adviser to the Obama administration.

“Make that passphrase as long and difficult as possible,” Todt added. Four words long is safe, and five is even safer.
Contrary to popular belief, it’s perfectly fine to use spaces in your password. Many major sites, like Google and Facebook, accept “space” as a valid password character.

A “passphrase” is stronger than a single password because it increases entropy, or the amount of randomness in a password, making it harder to guess.
The creators of ProtonMail, a security-minded email service, say multi-word passphrases are a solution to the problem that “we humans are bad at creating randomness, and we’re bad at remembering things.”

Unlike complex one-word passwords with lots of special characters, passphrases are easy to remember. If your ‘secure system’ isn’t easy to use, people won’t use it, negating the security benefit,” the ProtonMail team argues.

Even when using passphrases, it’s crucial to change your password: “The people who are getting hit by hacks are the low hanging fruit who reuse the same passwords,” according to Alex Heid, chief technology officer at SecurityScoreCard.

Retailers must prepare for cybercrime spikes

Retailers are increasingly coming under attack by cybercriminals, and there is little wonder why. They process payments on oftentimes unprotected Point of Sale (POS) systems, transfer large sums of money, and store and process sensitive customer information, such as banking and card information. They also process more online banking and card transactions. Cybercrime attacks on retail businesses tend to spike over the festive season, starting with Black Friday and Cyber Monday when transactions spike dramatically.

Protecting customers’ payment information at every stage of the payment process is vital. Point-to-Point encryption is becoming more critical as it facilitates secure communication channels between devices and company servers, and so protects payment data in transit. POS systems should be designed to encrypt sensitive data from credit cards the moment information is received and again when it is sent to the payment server, such as passwords, configurations and other critical confidential data. The Payment Card Industry’s Data Security Standard (PCI DSS) increases the governance around cardholder data to reduce credit card fraud. Many banks urge organisations to be PCI DSS compliant to have the right to make credit card payments. Review systems regularly to make sure these standards are followed.

“Most cyber-attacks on retail companies happen in the e-commerce space. However, in-store POS systems are not immune to the treats. With Black Friday around the corner and the festive season looming, it is a boom time for cybercriminals. Retailers must be aware and implement strategies to guard their businesses, both online and in-store,” says Charl Ueckermann, CEO at AVeS Cyber Security.

According to Ueckermann, AVeS Cyber Security has encountered numerous organisations that have limited to no protection on POS devices. This has a direct impact on cyber security for organisations because most times, the POS and corporate systems run on the same infrastructure and network. What this means is that when a POS system is compromised, a network breach can occur for the corporate network as well, leading to confidential client information breaches.

“Protecting POS systems, therefore, requires a multi-faceted and multi-layered approach. You want a highly-effective detection and protection tool to identify and remedy vulnerabilities proactively. The solution should have anti-virus capabilities specifically designed for POS systems. You also want to ensure that the POS software itself is up to date to the latest version, at all times. This is especially important for high transaction times, such as Black Friday and Cyber Monday.”

POS systems are vulnerable to attack when they are old or outdated because the software would not have been designed with today’s modern-day hackers in mind, making them vulnerable and susceptible to malicious code. Attacks on POS systems are becoming quite sophisticated, and cybercriminals are known to use both hardware and software to hijack payment card information and steal business data. Malware targeting POS systems is common and is one of the many ways to steal payment card details. Malware is used to obtain sensitive information, and in some cases, to even steal money directly from bank accounts.

“Your security technology should be able to detect malware, tampering, rooted/jailbroken POS devices, and more. The security stack should include a feature that proactively alerts retailers and POS providers when it is not safe to use the POS devices for making payments or performing other electronic transactions. If not, your system and your business will be vulnerable,” stresses Ueckermann.

Attackers also exploit mobile POS applications to steal personal and sensitive information that is used to make fraudulent purchases. This can result in big financial losses and damage to credit reputations for unsuspecting customers, and worse still, identity theft.

The backend of mobile applications can also be used by cybercriminals to compromise POS systems as well as the majority of business transactions that are processed on the server’s side. This gives them a way into internal business systems. Once the attacker gets inside the network or central system of POS vendors or retailers, they are able to access the compromised POS application as well as other POS applications used by the retailer in other locations. Attacking the entry point at the backend is a common attacking method, and Ueckermann says countless large-scale security breaches have been caused by this method.

He concludes: “The onus is on retailers to do the due diligence to protect their customers and data against cyber-attacks over the holiday shopping season and beyond. Strategies and measures should be in place to provide a safe and secure experience for customers online and in-store.

“Card and online payment processes should be secured and encrypted, controls should be in place to check and ensure the integrity of handheld POS devices, and mobile payment systems should be subjected to regular patches, updates, and equipment upgrades to protect against continually evolving threats.”

Source: Supermarket & Retailer

Criminals will likely target the influx of shoppers bustling to get their festive season shopping done over the next few weeks, says Charnel Hattingh, national marketing and communications manager at Fidelity ADT.

Hattingh said that shoppers should particularly cautious of follow-home attacks.

“We are urging all shoppers to be vigilant at malls and shopping centres and to be aware that we generally see a spike in follow-home incidents at this time of year,” she said.

In most cases shoppers are followed home from the malls and hijacked in their driveways.

“Criminals are aware these shoppers have a car full of newly-purchased items and are generally easy, distracted targets.”

“If you suspect you are being followed drive immediately to your nearest police station or security provider guardhouse,” Hattingh said.

Fidelity ADT said drivers should also remember general hijacking safety tips such as waiting in the road for the gate to open before driving in, and making sure the gate is closed properly behind the vehicle before getting out.

Safety tips at malls

“When in the mall or centre carry as little as possible in your handbag or pockets and rather leave unnecessary bank or store cards and large amounts of cash at home,” said Hattingh.

“A packed clothing store or supermarket is the prime hunting-ground for a pick-pocket or bag-snatcher. And, never leave a handbag, purse or wallet in a trolley.

“If you don’t use a bag or do not take one along, keep your wallet or purse in the front pocket of your jacket or trousers. Criminals are also targeting phones so make sure your phone is out of sight either in a zipped-up bag or in a front pocket.”

“If you are drawing large amounts of cash, take someone along to keep watch while you are at the ATM and to keep a lookout for any suspicious individuals or vehicles on the way home. If you can avoid drawing large sums of cash, do so. Electronic payments are the safer route,” she said.

Your safety outside the mall is just as important as it is inside, Fidelity ADT said.

“Before you exit the mall, have your keys ready so that no time is wasted to get your purchases and yourself into the car. This also means that you’ll be able to hold onto your handbag as you walk. If someone does try to snatch your handbag, let it go. Do not resist or fight back,” Hattingh said.

Lastly, she suggested avoiding shopping late at night.

“While the idea of a quieter shopping mall may seem appealing, you are more vulnerable in the car parks, mall bathrooms and the likes. If you have no other choice, be vigilant and report any suspicious individuals to the mall security.”

Construction industry under siege

Armed gangs are increasingly invading construction sites across the country, harassing workers and threatening violence unless their employment demands are met.

Databuild CEO Morag Evans believes that unless contractors take a firm stand against these so-called business forums, also known as the construction mafia, the scourge will only get worse.

The violence first reared its ugly head in KwaZulu-Natal but soon spread to Gauteng, the Eastern Cape, Mpumalanga and eventually other provinces.

The attacks stem from the promulgation in 2017 of new regulations to the Preferential Procurement Policy Framework Act (PPPFA), which stipulate that 30 per cent of all contract value on state construction contracts must be allocated to certain designated groups, including black South Africans, women and people with disabilities.

Even though the regulations specifically refer to government contracts, private sector construction sites have also fallen prey to the violence.

The gangs demand either a 30% stake in the project or 30% of the total contract value in cash as “protection” against further violent disruptions and work stoppages. Recently, they have begun targeting shopping centres with demands to be employed as tellers or refuse collectors.

“Their actions amount to nothing more than extortion and giving in to these thugs only serves to encourage the abuse,” says Evans.

“The fact is,” she points out, “the perpetrators of these site disruptions have misunderstood the PPPFA regulations, which are geared to including designated groups in state contracts on a national level and do not necessarily refer to local communities.”

The damage inflicted by these gangs often means that projects are delayed for months, which causes costs to spiral, Evans continues. “Additionally, construction insurance policies do not always cover damage or loss in these circumstances. Consequently, many businesses, including black-owned small and medium enterprises, are facing financial ruin.”

Evans calls on law enforcement to be more proactive when it comes to the policing of construction sites to ensure the safety of workers and infrastructure and assist contractors in standing up to the gangs. “The police cannot work in isolation, however. Contractors have a responsibility to ensure that sites are properly demarcated with access-controlled entry and exit points. Effective safety and emergency measures, which include a communication plan, must be set up and additional security can also be employed, if necessary.

“Furthermore, politicians should refrain from creating unrealistic expectations for employment on construction projects. While the involvement of local contractors is essential, egotistical attempts to win popularity points merely fuel the disruptive attacks when false hopes cannot be met.

“There are also legal avenues to follow to mitigate the violence,” she adds. “Leading attorneys have won numerous court interdicts on behalf of construction companies against those inflicting the disruptions and claim significant success in radically minimising delays resulting from violence committed by business forum members.

“Harassment, violence and extortion are not the means to achieve transformation in the construction industry. Such actions are criminal in every sense of the word and cause more harm than good,” Evans concludes.

On 25 October, the City of Johannesburg tweeted that it had been the victim of a network breach, where it was forced to shut down various systems including its website, e-services, and billing systems.
Business Day reported that a ransom note, sent by Shadow Kill Hackers, demanded 4 bitcoin (about R435,000) before 28 October, or else it would upload the sensitive data online.

Nearly two weeks later, the City of Johannesburg’s website is offline and its call centre is unreachable, leaving residents unable to register for e-services or receive their bills.

The city has responded to complaints on Twitter, confirming that its systems are “temporarily down” – but there has been no further information about the cause of the outage or how long it will last.

According to MyBroadband, attempts to call City of Johannesburg hotlines reportedly “resulted in callers being told that the number does not exist, while attempts to access the City of Johannesburg’s website are unsuccessful.”

It is unclear whether the website’s current downtime is linked to the Shadow Kill Hackers’ cyber-attack.

South Africa is under cyberattack

South Africa is facing one of the largest cyber attacks it has ever seen, with banks, ISPs, and the government being targeted.

In the last two months:

  • The City of Johannesburg fell victim to a cyberattack which led to its information systems becoming compromised, and its systems (including the website and billing) being such down. A ransom was demanded but the City is refusing to pay
  • The banking industry was hit by a wave of DDoS attacks targeting consumer-facing services
  • ISPs were hit by a number of DDoS attacks, as previously reported in My Tech News. In September, Cool Ideas and Atomic Access suffered an attack that severely affected their services; in October, Cybersmart was hit by a large DDoS attack which caused intermittent connectivity over two days; and recently Afrihost, Axxess, and Webafrica were hit by a very large DDoS attack which affected DSL and fibre subscribers

Parmi Natesan, CEO of the Institute of Directors in South Africa (IoDSA), told MyBroadband that “these attacks should serve as a wake-up call to companies” – who may not be taking adequate steps to protect themselves.

Follow us on social media: 

               

View our magazine archives: 

                       


My Office News Ⓒ 2017 - Designed by A Collective


SUBSCRIBE TO OUR NEWSLETTER
Top