South Africa is facing one of the largest cyber attacks it has ever seen, with banks, ISPs, and the government being targeted.
In the last two months:
- The City of Johannesburg fell victim to a cyberattack which led to its information systems becoming compromised, and its systems (including the website and billing) being such down. A ransom was demanded but the City is refusing to pay
- The banking industry was hit by a wave of DDoS attacks targeting consumer-facing services
- ISPs were hit by a number of DDoS attacks, as previously reported in My Tech News. In September, Cool Ideas and Atomic Access suffered an attack that severely affected their services; in October, Cybersmart was hit by a large DDoS attack which caused intermittent connectivity over two days; and recently Afrihost, Axxess, and Webafrica were hit by a very large DDoS attack which affected DSL and fibre subscribers
Parmi Natesan, CEO of the Institute of Directors in South Africa (IoDSA), told MyBroadband that “these attacks should serve as a wake-up call to companies” – who may not be taking adequate steps to protect themselves.
South African businesses of all sizes, including educational institutions, have been particularly hard hit by an onslaught of cyber-attacks, although this is not always public knowledge, according to Kerry Curtin, cyber risk expert at Aon South Africa.
Cyber risk was ranked as the #1 risk facing educational institutions and is likely to remain so for the foreseeable future, according to Aon’s 2018 global risk management survey.
Curtin says the potential theft or leakage of data, particularly confidential information in an educational setting, should be top of the list in risk planning.
“The need to strengthen institutional resiliency against potential damage, compromising hacks and downtime is crucial,” she adds.
This is because schools, like any other business, are increasingly dependent on technology. The knock-on effect of a cyber incident at an educational facility has the potential to be financially and reputationally catastrophic.
For example, in 2016 it was reported that the University of Limpopo’s website was taken down, leaking exam papers and the details of over 18 000 students, in addition to perpetrators publicly posting what was believed to be the login details for the University’s intranet.
The sheer number of cyber-attacks on educational institutions suggests that the sector is not as prepared as it should be in its efforts to safeguard networks, according to Curtin.
Aon provides the following tips for the education sector:
Safeguard institution-owned devices
All computers, laptops and smart devices owned by the educational institution should at the very least have a current anti-virus programme installed, in addition to adware and malware protection.
One of the biggest threats to any business is the people operating these devices and their naivety regarding cyber risks, so education is key.
The practice of students and staff members bringing devices to school or university that interact with the institution’s network is very likely. The first line of defence is keeping guest devices separate from the network, allowing the institution to keep data secure on an administrative network, as well as monitor traffic more closely.
When it comes to sending sensitive information, it is crucial to implement a secure file exchange solution that can protect against cyber threats such as phishing scams.
While passwords alone do not provide adequate levels of security and hackers are able to circumvent physical biometrics such as fingerprint identification as a single layer of authentication, Multi-Factor Authentication (MFA) is fast becoming the next line of defence.
Social media policy
Not only does the policy need to stipulate what is deemed as acceptable behaviour from employees and students, but it also needs to explain what the benefits are of becoming an ambassador for the brand and the legal ramifications inherent to social media platforms.
It seems like there is a new data breach every other day, causing companies untold embarrassment and reputational damage when customers’ private details are leaked.
A new Web site called www.haveibeenpwned.com allows you to see if your details have been compromised by a data breach.
Simply click on the link, enter your email address and click the pwnd? button to find out if you’re a victim.
Major data breaches
Some high profile leaks in the last while include:
- RNC (2017)
A misconfigured database containing the sensitive personal details of over 198-million American voters was left exposed to the internet by a firm working on behalf of the Republican National Committee (RNC) in their efforts to elect Donald Trump.
- Zomato (2017)
Zomato, which provides users with an online guide to restaurants, cafes and clubs, reported that data from 17-million users had been stolen, including email addresses and hashed passwords.
- NHS (2017)
The recent WannaCry ransomware infected 47 NHS England Trusts and hundreds of companies across the world.
- ‘Eddie’ breach (ongoing)
Security researchers at the Kromtech Security Research Center discovered a massive database of 560-million login credentials which is believed to come from up to 10 popular online services such as LinkedIn and Dropbox, obtained during previous data breaches.
- Wonga (2017)
Payday loan company Wonga has fallen victim to a large data breach that could have hit as many as 245,000 of its customers including bank account numbers and sort codes.
- Tesco Bank (2016)
Late last year, Tesco Bank, the consumer finance wing of the British supermarket giant, froze its online operations – after as many as 20 000 customers had money stolen from their accounts.
- Sage (2016)
As a FTSE-100 firm, the apparent insider attack admitted by accounting and HR software firm Sage could turn out to be one of the most important in UK data breach history if its scale is confirmed.
- Ashley Madison (2015)
In July 2015, a group calling itself “The Impact Team” stole the user data of Ashley Madison, a commercial website billed as enabling extramarital affairs. The group leaked more than 25 gigabytes of company data, including user details.
- Mumsnet (2014)
A direct victim of the infamous and widespread Heartbleed SSL software flaw, the compromise allowed hackers to access anything up to 1,5-million user accounts on the hugely popular site, its owners revealed.
- Yahoo (2013, 2014)
It seems hard to pin down just one data breach spawning from Yahoo’s 22 years in business. Last year appeared to unearth a mammoth lack of security on Yahoo’s part with reports uncovering a breach affecting over 500-million Yahoo user accounts during 2014.
- Sony PlayStation Network (2011)
The largest data breach in history at the time, Sony’s disastrous 2011 breach saw hackers make off with the customer records of 77-million people relating to its PlayStation Network, including a small number revealing credit card numbers.
Sources: www.techworld.com; wikipedia; www.haveibeenpwnd.com