Cyber crime is the fourth most reported economic crime in South Africa, with the local economy reportedly losing as much as R1 billion annually due to online criminal activities, says Cathy Smith, managing director of Cisco Southern Africa.
Cisco on Thursday released its 2017 Midyear Cyber security Report warning that no industry is safe with attackers basing their campaigns on opportunity, and whatever industry presents the best return on investment.
The report found that the rapid evolution of threats and magnitude of attacks is leading researchers to forecast potential “destruction of service” attacks. These attacks eliminate organisations’ backup and safety nets, required to restore systems and data after an attack, Cisco said.
It said that recent cyber incidents such as WannaCry and Nyetya show the rapid spread and wide impact of attacks that look like traditional ransomware, but are much more destructive. “These events foreshadow what Cisco is calling destruction of service attacks, which can be far more damaging, leaving businesses with no way to recover,” it said.
“Recent IoT botnet activity already suggests that some attackers may be laying the foundation for a wide-reaching, high-impact cyber-threat event that could potentially disrupt the Internet itself,” the tech firm said.
Cisco security researchers watched the evolution of malware during the first half of 2017 and identified shifts in how adversaries are tailoring their delivery, obfuscation and evasion techniques. Specifically, Cisco saw they increasingly require victims to activate threats by clicking on links or opening files.
“They are developing fileless malware that lives in memory and is harder to detect or investigate as it is wiped out when a device restarts. Finally adversaries are relying on anonymised and decentralised infrastructure, such as a Tor proxy service, to obscure command and control activities,” Cisco said.
Cisco said that while it has seen a striking decline in exploit kits, other traditional attacks are seeing a resurgence:
- Spam volumes are significantly increasing, as adversaries turn to other tried-and-true methods, like email, to distribute malware and generate revenue. Cisco threat researchers anticipate that the volume of spam with malicious attachments will continue to rise.
- Spyware and adware, often dismissed by security professionals as more nuisance than harm, are forms of malware that persist and bring risks to the enterprise. Cisco research sampled 300 companies over a four-month period and found that three prevalent spyware families infected 20% of the sample.
- Evolutions in ransomware, such as the growth of Ransomware-as-a-Service, make it easier for criminals, regardless of skill set, to carry out these attacks. Ransomware has been grabbing headlines and reportedly brought in more than $1 billion in 2016, but this may be misdirecting some organisations, who face an even greater, underreported threat. Business email compromise (BEC), a social engineering attack in which an email is designed to trick organisations into transferring money to attackers, is becoming highly lucrative. Between October 2013 and December 2016, $5.3 billion was stolen via BEC, according to the Internet Crime Complaint Center.
Cisco South Africa recently launched a cyber security academy to educate and fast track the skills needed to deal with the growing global challenge of cyber security. “Being breached is the new normal,” Smith said.
“Cyber crime is now the fourth most reported economic crime in South Africa, with our economy reportedly losing R1 billion each year due to online criminal activities,” said Smith.
“We are also aware that security is a business priority, with many executives feeling overwhelmed by the defender environment and citing certification and talent as two of the biggest constraints to adopting advanced products and solutions.”
The centre enables both public and private sector stakeholders to be exposed to some of the most up to date trends in cyber threats from around the world, while learners will be provided with the necessary skills, knowledge and insights into some of the technology and expertise required to fight the scourge of cyber crime, Cisco said.