South African Healthcare Industry Vulnerable to Cyberattacks

Cyber criminals are always on the lookout for the easiest way to breach a system. In the past, this often involved sophisticated coding to break into a network and steal critical data. However, the criminals have changed both their method of attack and their focus. Over the last year or so, they have turned their attention to the industries that are most vulnerable and have started making use of user-enabled Trojans such as ransomware. South Africa is listed as one of the countries with the highest number of system breaches in the world, and healthcare and financial companies are targeted the most.

While an astounding 8.8 million cyberattacks were listed for 2016 in SA, it’s important to note that many people and companies simply don’t report a breach, out of embarrassment or fear of losing their reputation. The true number of attacks is therefore unknown. Cybercriminals turn to the healthcare industry for a simple reason: they know that patient data can be a matter of life and death, and that organisations will do (or pay) whatever it takes when they are locked out of this data or blackmailed over it.

The Business Report article “WARNING: Cyber attack may be coming to South African businesses” states point-blank the price that organisations pay:

“The costs of data breaches for South African companies continues to rise, with an increase of 12% in 2017 compared to 2016.”

Even in countries such as the U.S. that have high-level security protocols, breaches that begin with user error or user access via email or web browsing bypass all of that security. They circumvent the traditional breach methods by taking advantage of human vulnerability. In SA, the 2015 POPI (Protection of Personal Information) Act was instituted to address security issues for both private consumers and businesses. However, POPI has not been completely rolled out, and even once it is, it does not address the type of breaches that cyber criminals are currently carrying out.

As quickly as governments and businesses try to stop these attacks, the cybercriminals seem to develop new ways to breach the systems. The government of SA, like many, is scrambling to keep up with the information haemorrhaging. Even before POPI is completely in place, the government is trying to institute another program, and this one has raised many eyebrows. The Cybercrimes and Cyber Security bill is touted as another way to offer security, but instead it enters into some fairly sketchy territory, including making the work of companies and organisations that exist to assist with security issues a criminal offence. One article states:

“The people who test the security of our systems do so by trying to break those systems from the outside, using software that could now be criminalised by this Bill. Many times, they do so without the authorisation of the owner of that network or software, because it’s usually a company or government institution that thinks it knows better. This kind of security testing has made us safer, and prevented many acts of cybercrime. Because this Bill can’t tell the difference between actual cybercriminals and security testers, it will discourage people from testing internet security systems, and ultimately make the internet less safe.”

Cyber criminals want valuable personal healthcare data. This information can be sold and shared on the dark net. The best way to assist in keeping any network or system safe is through education of staff and a highly trained IT department that has emergency protocols in place that complement the due diligence of updated firewalls.

“Da Vinci Forensics works closely with businesses of all types to assist in ensuring that employees are aware of the various ways that cybercriminals try to breach a system. We coordinate with IT Departments, making sure they are kept up to date on the latest activities of these criminals and act as a partner in establishing risk analysis and required security methods.”

 Da Vinci Forensics


