Tag: cybersecurity

SA Hospital Cybersecurity Upgrades Needed for the Vaccine Roll Out

All eyes are on the South African health department as the new COVID-19 vaccine begins to roll out. While slow to get the vaccine approved and distributed, the government seems to have wasted no time in developing the Electronic Vaccine Data System (EVDS). As a result of this, the country needs to be questioning if cybersecurity has been taken into consideration during the design and implementation.

what is the evds system?

The EVDS is a self-registration online system that will store the personal health information of registered users. The objective of the system is to digitise health information that will help both individuals and public health workers track vaccine information.

Once registered, users will be advised when they can get their vaccine and the system will keep an updated record of when, where and what type of vaccine they received.

what’s the risk?

While the convenience of the EVDS is evident, it should be noted that it also creates a major cybersecurity risk. If the hosted data is not properly protected and encrypted the system could be vulnerable to being hacked.

Many hospitals across South Africa are not properly geared to a digitalised environment and have little to no experience with cybersecurity protocols. All hands need to be on deck during COVID-19. This means that some staff members who have no experience with working in the digital world may find themselves a click away from a security breach. They may not protect their passwords, sign out of the system, or be unaware that clicking on an unknown email link is risky.

There have been extensive talks about introducing IoT to South African hospitals recently. But, with up to 15 electronic devices linked to each patient bed, and awareness of cybersecurity being so low at this point, it seems like just an added risk to the hospital environment. One must also consider when last these devices received security updates or even IT security patient care!

are hospital cybersecurity upgrades the solution?

At the outset, training healthcare staff members on how to access the system safely and securely is paramount. In addition to this, time and attention must go into training staff on the risks involved and how to use the system correctly. Online behaviour needs to adopt a more cautious approach, which is something that can be taught.

Hospitals will also have to check that their networks have up to date security measures in place and that they set user limitations, ensuring that certain data is protected and only accessed by a select few.

At the same time, hospitals are being encouraged to do secure encrypted data backups so that no sensitive data is stored on site. This could be one of the biggest steps that hospitals could (and should) make in terms of new security measures his year.

in conclusion

While the EVDS was launched by the National Health Department, it is the hospitals that will need to ensure that they are prepared and ready to protect the integrity and security of the personal data that is in their possession. The big question is how quickly they will be able to react in the event of any form of data breach or cyber incident?

More Ransomware and Data Breaches Expected in 2021

Covid-19 wasn’t the only pandemic to take the world by storm this year. As it turns out, hackers unleashed a pandemic of their own, mostly in the form of the ransomware and data breaches that swept the world. It would seem that when there’s more scope for remote work to be done, there’s more risk involved.

An employee working from home has limited security measures in place and has a tendency to behave differently when making use of devices and the internet than they would at work. In the office, security is prioritised and in most companies, advocated while at home, this is not the case. And if you thought that 2020 was a bad year for ransomware attacks and data breaches, hold your breath, because experts think that 2020 was “mickeymouse” in comparison to what2021 may hold in store for us!

high-level ransomware and data breaches expected

Cybersecurity experts are warning that the attacks and breaches they expect in 2021 will be more advanced. This means trouble for the average computer and network user.

With employees working from home while practising social distancing, they have created a “fun park” for the aspiring hacker. Ransomware attacks were already on the rise across the world and as a result of weakened security measures and increased “weak links”, they were able to turn ransomware attacks into full-on data breaches.

what’s the solution?

As a result of all the time and money lost on trying to untangle the mess left behind by hackers, companies are having to invest more capital into their remote worker’s cybersecurity measures. In fact, a recent survey of those affected by ransomware and hacks has indicated that they plan to increase their entire digital and cyber spend. 61% or respondents said they will be focusing a lot of their attention on cyber security, while 53% said they would be seeking out cloud services and solutions that will safeguard their data and business.

In short: regular data encrypted backups are now a keen focus of businesses seeking a safer “at home” working scenario.

what type of attacks are predicted for 2021?

Cybersecurity professionals believe that the following predictions are reliable:

  • increased attacks on health care and medical systems

The world is scrambling for a COVID-19 vaccine and that means hackers want to get their hands on any and all sensitive data related to this research. Data of this nature is highly valuable to a hacker and the healthcare industry. On an aside, small-time hackers may simply use the opportunity to expose the personal particulars of patients in an attempt to carry out identity theft.

  • lack of stringent permission limits will lead to cloud data breaches

Many companies making the move to the cloud and even cloud-based backups often overlook their duty to limit each employee’s access. This means that the receptionist of the business should have far less access to the system and its data files than the CEO. Companies will need to take a look at their permission limits and adjust them if they want to avoid falling victim to “human-error, one of the most common sources of data theft.

  • company “moles” may wreak havoc

We don’t often give much thought to who a hacker or weak link might be. It could be your star employee leaking sensitive information, or even a marketing assistant doing an inside job. Insider threats have been on the rise for sometime now and if your business has a “mole”, it’s best to seek them out and remove them as soon as possible. Monitoring what each staff member is doing on the system could point you in the right direction.

You should also consider storing all sensitive information in the cloud (data encrypted of course) so that no data is stored on devices, ready for a third party to get his/her hands on.

the responsibility lies with every team member

Creating a sense of individual responsibility amongst your staff is a good starting point. Employees should also take responsibility for the security of all company data. Providing pointed training, securing preventative systems and measures, and making sure that each staff member is on board whether they are working in the office or at home is essential if you hope to thwart the attempts of opportunistic hackers and ransomware agents next year. As 2021 looms, business owners need to get to work on their cybersecurity now.

Embracing the Shift to Online Events & Webinars

With more people working from home and the focus being on staying home as much as possible, many event organisers have embraced the online world to ensure that their events, conferences, and expos can still go ahead as planned.

While one would think that hosting an event online instead of at a venue, which has been the norm for many years, would present a plethora of challenges, that’s not really the case. Of course, a sudden shift to a whole new way of doing things can present teething problems, but it seems that many events have already managed to go ahead online and have done so with great success.

With telecommuting, online learning, webinars and the like gaining huge traction worldwide, security experts are warning key stakeholders and business owners that they will need to enforce a holistic data protection strategy. Security breaches can happen to any platform that hasn’t taken the proper measures to protect itself and experts stress the importance of securing sensitive data using an encrypted and automated online backup service.

Successful Online Events

Let’s take the PancakesCon 2020 event that went ahead as the “Quarantine Edition” this year. The conference was pulled together within a week and was still able to connect over 3 000 attendees and 1 000 competitors. There was a learning village, introductory talks, and multi-track live streaming.

Event organisers gathered considerable know-how from this event and the lessons learnt can benefit all businesses needing to restructure events from in-person attendance to virtual attendance. Here are just a few of the positive aspects:

  • Fewer hurdles and challenges for organisers and attendees
  • No need to spend time looking for a suitable physical venue
  • Fewer overhead expenses
  • Fewer logistics
  • Bigger turnout as attendees don’t have to travel

These benefits are particularly favourable for international events. Now, the attendee who would have possibly had to travel many hours across the globe, deal with jetlag and spend thousands on accommodation, transport, meals and more, can stay home and enjoy all the same features and benefits of the event – at minimal cost.

More Benefits of Online Events and Webinars

For corporations and entities, the benefits can be far-reaching, opening up participation to those who for one reason or another would have been unable to travel to a particular country or event. Consider the following possible benefits:

  • Colleagues who would have previously been excluded from attending the event can now be included. This makes conferences and events more inclusive for example to those who would not have been able to travel to certain events because of travel restrictions, visa complications or even a lack of funds.
  • Senior management often unable to take the time required to attend an event in another province or country due to a busy schedule, can now choose to attend specific speakers and addresses, and better manage their time.
  • Exposure of industry specifics to young talent. Webinars and remote conferences provide a less intimidating environment for young talent to learn about key trends and key ideas in industry forum discussions. Improving engagement in cybersecurity, for example, exposes young talent to a career opportunity that doesn’t look set to decrease any time soon!

Host Your Next Conference Online & See for Yourself

As South African companies adapt to a new way of doing business with the restrictions on travel and a remote workforce, the shift to virtual conferences and events represents a necessary and even advantageous solution. With the on-going development and availability of software designed specifically for remote workers and online meetings, perhaps it’s time to stop and pause for thought – do you really need to host your next event in person?

Labour Department employee arrested for inside-job cyber-attack

Let’s talk about inside-job cyber-attacks.

How much of what we hear is just a rumour, or is it time to consider inside-job cyber attacks to be a real threat to business?

Last month, we featured a blog on how some cybersecurity threats end up being an inside job. As if to illustrate our point, the Labour Department has just had one of their employees arrested for hacking the Department of Employment and Labour’s server.

Department of Labour Gets Hacked by Sandton Employee

Unbeknown to the Department of Employment and Labour, one of their team members at the Sandton Labour Centre hacked into their server, compromising the login details and personal information of over 300 employees. The attack occurred on the 21st of January.

When the Compensation Fund Anti-Corruption & Integrity Management team was alerted to the hack, immediate action was taken.

The employee who carried out the attack was quickly identified, and was arrested on the 24th of January, just three days after the cyber-attack took place. A criminal case and in-depth investigations into the hacking are still underway.

This incident only serves to reiterate just how important it is to have security measures intact, both for external cyberattacks as well as those that could just as easily originate from within the business.

The real issue is, it would seem that more and more cybersecurity threats are inside jobs, and you can no longer assume the honesty or integrity of staff and colleagues. As a business owner, you need to implement security mechanisms to protect your business, yourself, and other employees.

What to Do When One of Your Own Turns on You

If you believe that employees are targeting your business, you need to work on a strategy that deters such behaviour. Your strategy should  serve to expose those who are determined to behave in such an unscrupulous manner. Below are a few things you can do:

  • Set policies in place as to how staff members can use company laptops, computers, and other devices; Block specific URLs, and also ensure that employees are not permitted to take devices home.
  • Make sure that your employees are well educated on the possible cybersecurity risks that they might encounter. An educated employee makes fewer mistakes that might lead to a cyber-attack.
  • Track employees on the network. Make sure that employees have to access all systems with a username and password so that you can see which files they are accessing and what they are doing on the system.
  • Make sure that you have a backup system that automatically backs your data up to the cloud, daily. This means that any sensitive data on the device can be deleted or cleaned so that it doesn’t put your business at risk (or tempt hackers).

Last Word

Whether you run a small, medium, or large business, backing up your data is an essential part of your security efforts. Implement the above tips/recommendations and your business stands a better chance of defending itself against internal cyber-attacks. Make sure that you treat internal cyber risks just as seriously as you treat external threats.

Beware the Cybersecurity Threat of an Inside Job

Cybersecurity experts are often left scratching their heads after a breach or attack on their systems. Sometimes, it just seems as if the hacker knew too much about the sensitive operations of the business…and the reality is that they probably did. The ‘hacker’ could be the very person sharing an office space with you, or at the very least, one of your seemingly loyal staff members could be the “informant” or the “spy”.

The Statistics of Cybersecurity Threats Speak for Themselves

The 2019 Global Data Exposure Report unveiled statements from a plethora of companies on their data breaches. Over the last 18 months, half of the companies reporting hacking events also admitted that it was an inside job.

Even with so many attacks and data breaches being attributed to an inside job by one or several staff members, companies still view state-sponsored cyber warfare and individual hackers as the biggest threat. This infers that these companies aren’t thinking about the problem methodically…and the result is that many of them don’t have sufficient systems in place to protect against insider cyber-security threats.

Why Are Your Staff Stealing Your Data & Hacking Your Business?

The reality is that things have changed in the job landscape over the years. Gone are the days where people found a good job and stayed in it for years. Nowadays, loyalty to a job is rare, and the majority of the workforce is actively looking for new jobs. When an employee feels no real affiliation and loyalty to a company, the risk of data theft and hacking increases.

Another reality is that stealing data has become so easy that an employee may think nothing of it. Data is oh-so portable these days. It takes next to nothing for an employee to walk out with a digital copy of your full customer list with the intention of selling it on to the competition, or a hacker looking for opportunity. It’s just as easy to leave the business premises with sensitive documentation, secret unpatented designs, and even details of the payroll.

There are times where data breach can be intentional, such as in the case of a disgruntled employee being dismissed from the company and seeking to cause damage to the business.

Then again, there is also an unintentional data breach through human error. Consider the employee with sensitive data who chooses to use a social media platform to send important and sensitive information instead of the company’s approved file-sharing system. Or the employee who walks away from his/her desk without signing out of systems and applications. There’s also the employee who clicks on a link in an email and has no idea that ransomware has been installed on their computer.

From the above scenarios, it’s easy to see just how a data breach can occur from inside your business.

What to Do to Protect Against Insider Job Breaches & Hackings

What can you do to ensure that the cyber-security risk doesn’t originate from within your business? Here are a few tips:

  • Have a policy of only using business laptops, desktops and devices at work. Ensure that there are reliable endpoint detection response tools to spot unusual activity on the devices. Run daily cyber-threat tests on these devices and ensure that when an employee leaves the company, these devices are retrieved, and all the passwords and access points are cleared.
  • Educate your employees. Make sure that employees know of the risks and set subsequent policies in place to ensure that they don’t make silly mistakes. Prohibit the clicking of links from unknown senders or the clicking of unexpected links from known senders. Make it company policy to sign out of systems and applications when not using them. You could potentially set an automatic time-out on these, just to be sure.
  • Have a no take-home policy. Staff members should not be leaving the premises with sensitive information. Ensure that staff members are unable to remove any business property when going home, including hard drives, flash drives, and so on. If they do leave the premises with such items, they need to be checked and signed for.
  • Install software to automatically back up data to the cloud so that no sensitive information is left “lying around” on staff devices. When you do this, ensure that the backed up data is encrypted and that staff only have limited access to the files that are backed up. Set staff allowances wherever you can.

Last Word

It is better to be safe than sorry, and with the stats proving that a large portion of cyber-security threats originate from within a company, can you really afford to take that risk? Get to work setting mechanisms in place to safeguard your business from the inside too. Good luck!

Future Trends & Themes Emerging from the RSA Conference 2019

Cybersecurity experts flocked to the RSA Conference 2019,  hosted in Singapore from 16th to 18th of July. Several resources have described this years’ conference as “a success with thought-provoking and useful topics”, and the attendees all seem to agree.

Strong Themes at RSA Conference 2019

At past cybersecurity conferences, it seems that participants mainly focused on punting new products and their exceptional specifications. In 2019, however, other themes came to light. The main themes were unwavering in their focus on:

  • Innovation in the industry,
  • The increase in the use of AI (artificial intelligence) and the tech that supports it,
  • The involvement of youth in the fight against cybersecurity threats,
  • The possibility of collaboration between security agencies, academia, researchers, and governments.

Informative Content Designed to Support the Themes of the Conference

Content presented to industry experts was informative and valuable to numerous fields. The material covered included:

  • Privacy
  • Security
  • Cyber risk leadership
  • The roll-out of global threat detection systems
  • Security forensics
  • Methods of industrial system cyber threat countering

Information and experience sharing was also a significant theme at the conference, with several speciality topics including:

  • eFraud
  • Law enforcement
  • Strategy
  • Architecture and data security
  • Cloud security
  • Mobile security
  • IoT security

With 100 sessions and a myriad of well-respected keynote speakers in the industry, there was undoubtedly much to see and do for the cyber experts in attendance.

Future Trends and Highlights

While a great deal of attention was given to security threats facing the industry at present, for many cyber experts, future security trends were a highlight.

Security, privacy, legislature and foreign affairs were just some of the topics discussed in-depth. The focus of these topics veered away from the technical side of things, focusing instead on how these elements will impact on the future of cybersecurity and the industry.

The RSA Conference addressed issues such as the state-sponsored attack which hasn’t seen much progress since 2015. As cyber-warfare remains a real threat, it seems that the stumbling block is in the implementation of an actionable agreement that dictates acceptable behaviour among different countries and states in cyber space.

A responsive Security Operation Centre was set up for the duration of the conference. The centre observed the behaviour of attendees on the network traffic without interfering. The purpose of the centre was to determine just how security conscious attendees were, and the results were astounding. Over the course of the week, the op centre detected numerous unencrypted emails containing confidential information and malware submissions.

Future Threat Trends

When it comes to future threats and warnings evaluated and reviewed during the course of the conference, the reminders and memory refreshers were welcomed. Keynote speakers paid particular attention to the following trending and future threats:

  • The ability of hackers to bypass two-factor or multi-factor authentication methods.
  • The trend of cybercriminals attacking systems without security patches.
  • The attack of third parties and supply chains using sophisticated phishing techniques.
  • The ability of attackers to scale-up their attacks and how to detect replicated attacks.
  • The trend of cybercriminals attacking with the intention of causing damage and losses.

Conclusion

The take away of topics from the RSA conference was vast, but it is clear that cybersecurity took top spot and looks set to keep that position into the foreseeable future.

Cyber Crimes Bill – Is SA Really a Safe Haven for Cyber Criminals?

Cyber Crime has been of concern in South Africa for quite some time. In fact, for far too long, the country seemed to simply ignore it. There was no real recourse.

In May 2019, at the IT Web Security Summit held in Johannesburg, it was noted that South Africa had become a safe haven for cybercriminals due to the apparent lack of legislation that addresses cyber-crime.

Industry professionals are pushing for the Cyber Crimes Bill to be adopted to keep all South African’s safe from the evils of cybercriminals, but that’s not the only reason why our country needs such legislation. The future of the country’s economic growth depends on it too.

Living in a Digital Age

At work, at home, at leisure – everywhere you turn, people are on their mobile devices using online systems and connecting via public networks, most of which are unprotected. If the country is to attract foreign investors, when they are not protected legally from the threat of cyber-crime, there needs to be some accountability.

Why does SA not have an active Cyber Crimes Bill?

It is not surprising to hear that South Africa is lagging behind the rest of the world when you consider that the Department of Justice only initiated the process for setting in place the specifications for the Cyber Crimes Bill in South Africa in 2015.

The proposed Bill has since received considerable backlash and been through numerous reiterations and drafts, but finally, in October of 2018, the Bill was tabled. The National Assembly passed the Cyber Crimes Bill in November 2018, and it now sits with the National Council of Provinces for agreement before being signed off by our President Cyril Ramaphosa, who has already vowed to establish a digital industrial revolution commission.

The hope is that there are no further setbacks or amendments to the draft Bill and that it is accepted as it stands. Until such time, South Africa has no real formative legislation or recourse to fight cybercrime and will remain a haven for cybercriminals.

How do you feel about the Cyber Crimes Bill? Do you think it has value for the country or is it just one of those things that will probably never get done? Let us know your thoughts and opinions.

Is South Africa going to war against hackers with enough manpower backup?

Online criminals still seem to be winning the war even though South Africa has implemented a number of legislative changes to combat it. Authorities have noted the increase in cyber-attacks on companies and regular citizens, but not much progress seems to have been made in setting up strategies to combat future attacks.

While hackers will never be put out of business, State Security Minister, D. Mahlobo, counselled that SA was indeed on the right track when it comes to designing and effectively implementing defence mechanisms for the country’s cyber security.

For South Africa, it’s exciting times for economic growth through online technological developments. Unfortunately, this also puts many businesses in a position to of having to deal with hacking, breaches and general online fraud.

South Africa’s Cybersecurity Bill was put in place in the hopes of equipping authorities and businesses with the correct tools and strategies to address cybercrime.

What are Hackers After?

A hacker doesn’t directly harm or threaten another person – just their data. These individuals are professionals who know how to identify a vulnerable person or corporation and then find ways of gathering personal information on individuals and the business such as ID numbers, addresses, banking details, credit card details, and so on.

What is South Africa Missing in the War Against Cyber Crime

The process of cybercrime is specialised. One cannot expect the average person on the street to understand the sophisticated methods and techniques that a modern cybercriminal uses.

Not everyone will know or understand DDoS attacks, web scraping and malicious bots, and this is why it is so important to South Africa to have access to trained cybersecurity personnel. This is something that the country lacks and it is this lack of skills that is putting us on the back foot in the war against cybercrime.

Cyber-attacks come in the form of ransomware, accessing networks that are insecure and even tricking people into sharing their personal sensitive information. The attacks range from simple to complex and without trained individuals in the field, they can be quite hard to notice or even detect after the fact.

How Does your Backup Affect Your Cybersecurity?

So, you know that you shouldn’t store too much sensitive information on your computer, laptop or device and you dutifully do your backups to keep your devices clean and clear. Criminals will find no gain in scouring your computers and you are extra careful when sharing information and making payments online. Are you safe? Are you doing your bit to combat cybercrime in South Africa?

Are you doing Enough?

The short answer is no. Simply backing up your data does not mean that you are completely safe. You need to make sure that your data is being encrypted when it is backed up and you should take the time to refresh your passwords regularly.

If you need to make online payments, think about investing in a digital credit card. You can transfer a limited amount of money into this card and use it for your online purchases. If online criminals ever get those details, you will at least have some level of protection and won’t lose everything.

Want to know more about how to do your bit towards the war against cybercrime in SA? Get in touch with us at Soteria Cloud today.

SAPS warns of online scams

Recently the Newcastle SAPS thought it necessary to issue a public warning about online scams after noting an increase in the number of incidents where individuals were paying for cars online and never receiving the vehicles. While you might think this is a “no-brainer”, there are some who clearly don’t think the same way.

You should never pay over any money for a vehicle until you have actually seen it, but there are those who are still caught out in this way. And it’s not just the purchase of vehicles where this happens. Many have been caught out paying for items online that they just never receive, ranging from a car to a gift or even an item of clothing. The risk is real and South African’s need to be more careful when transacting online.

Tips issued by the SAPS

In an attempt to help South Africans protect themselves, the SAP have issued a few tips as follows:

  • Be smart to phishing attempts. Know without a doubt that your bank or credit card company will never contact you by telephone or email to ask you to update your personal details. If you are requested to click a link to update details, you are putting yourself at risk. Your personal information can be collected and used for fraudulent activity. Online competitions are also a great way of phishing. If you have to complete forms with your personal particulars in order to win money or an impressive prize, you might become a victim of phishing.
  • Never share or write down your PIN, password or online ID as these can be stolen and used to carry out fraudulent purchases in your name.
  • Do not save your internet banking profile and password details on your computer, and try to avoid doing online banking on any public computers.
  • Make use of the limits on your cards and accounts. This can save you major financial losses should a criminal access your accounts.
  • Only transact with reputable companies online. If you find a product that is too good to be true, it usually is. Be careful.

Newcastle SAPS Corporate Communications Officer, Captain Jabulani Ncube urges all South African’s to be aware of the risks and to take the necessary safety precautions to avoid becoming part of the statistic.