Smarter Cybercriminals – Better Backup

The Ransomware Wave Intensifies as Cybercriminals Get Smarter

Ransomware is one of the most pressing online threats facing businesses today, and the not-so-good news is that it’s becoming more sophisticated.

Cybercriminals are discovering new ways to use AI to perpetrate online attacks, with several prominent businesses—including Starbucks—recently falling victim. To make matters worse, hackers are recruiting software developers on the dark web to raise the sophistication of their attacks to a level where many cybersecurity systems may be unable to stop them.

As the threat landscape becomes more advanced, business owners must take steps to protect their valuable data. Let’s look at the evolving threats and see what you can do to safeguard your company’s information.

Businesses of all sizes fall prey to ransoware attacks

The days when only large corporations were targeted by cybercriminals using ransomware are truly over.

Despite ongoing attacks against providers like Blue Yonder—which recently forced Starbucks shops across America to switch to a manual entry system to pay their baristas—cybercriminals are increasingly setting their sights on small and medium-sized businesses. These businesses have the funds to pay significant ransoms but often don’t have cutting-edge cybersecurity systems in place.

A striking example of such an attack is the recent ransomware disaster experienced by British logistics company Knights.

  • Russian hackers demanded millions of pounds to release encrypted files, including the company’s financial records.
  • Ultimately, rather than pay the ransom, the company’s management was forced to borrow large sums of money and eventually, to seek a buyer for the business as operations came to a complete halt.

The ease with which cyberattacks of this kind are being carried out raises the question: how sophisticated have hackers become that they’re able to bypass industry-standard cybersecurity systems?

Worryingly, the answer is very sophisticated indeed.

Cybercriminals harness AI and software professionals to carry out attacks

Artificial intelligence is revolutionising the way many industries do business, and unfortunately, cybercriminals are all too aware of its potential to assist in carrying out ransomware attacks.

  • Generative AI, such as ChatGPT, can be used to clean up phishing emails and make them sound entirely legitimate.
  •  Cybercriminals even programme AI applications to imitate the tone used by companies in their PR materials, making impersonation scams more believable.

While some cybercriminals are turning to AI, a worrying trend on the dark web has emerged, where Russian hackers have started recruiting software developers to find security loopholes in their own ransomware and other harmful apps.

This helps them evade detection and mitigation efforts by cybersecurity experts.

These incidents show that cybercriminals are not only extremely serious about continuing their attacks but are also targeting smaller and less well-known businesses with sophisticated ransomware that may be difficult to evade.

This makes it absolutely imperative for companies to invest in secure cloud storage so that a working version of critical company data is always available in the cloud.

Secure your business with total data protection

Total Data Protection is the only real assurance businesses have when it comes to safeguarding their valuable information.

With comprehensive secure cloud storage, featuring immutable storage, regular automated backups, and access to the past five years’ worth of saved data, our flagship package is a powerful, turnkey solution ideal for any business.

To find out how this solution could benefit your company, click the button below.

Financial Impact of Cyberattacks | Cybersecurity

Quantifying the Financial Impact of a Cyberattack on SMEs – Cybersecurity

By now, most business owners who read our articles will be familiar with the financial impact that a Ransomware attack can have – and the amount of money that companies have had to pay cybercriminals to get their data back is just the tip of the iceberg.

The true cost of an online attack can be far more than the ransom demanded by hackers.

When factors like downtime, data recovery, forensics, system restoration, and potential fines from the Information Regulator are taken into account, falling prey to a cyberattack could cost your business hundreds of thousands or even millions of Rands.

In this article, we explore the financial impact of a cyberattack and provide some tips and tools for business owners to calculate the true cost.

Cyberattacks: what’s the damage?

Understanding the financial impact of a cyberattack is far easier when we consider the various costs that are involved in recovering from a crime like this.

A report from the Ponemon Instutite determined that of the 5 most vulnerable industries that experience data breaches – healthcare, financial, pharmaceutical, energy and industrial, the average cost of a breach in the healthcare industry exceeds $10,93 million (over R19 million).

In general, the cost of a cyberattack consists of the following factors:

  • Detection and client notification costs
  • Data recovery costs
  • Network restoration costs
  • The legacy costs of reputational damage and possible financial claims
  • Regulatory compliance fines

In the wake of a cyberattack or data breach, your business will need to jump into action.

In addition to having a cyberattack response plan so that your efforts remain calm and effective, you’ll need to quickly alert clients and anyone else whose data has been compromised and undertake the process of data recovery.

The POPI Act requires businesses to be good custodians of their clients’ data and take all possible steps to protect it before, during, and after a cybersecurity incident.

  • Failure to do so could result in heavy fines (capped at R10 million) or even prosecution.
  • Special insurance may be necessary for companies that handle vast amounts of client data should the incident be investigated by the Information Regulator.

In addition to compliance costs, expenses related to the restoration of your network can range from four to six figures depending on the size and scope of the damage.

  • Downtime following a cyberattack can cost your business a fortune in lost revenues and undeliverable products and services. A larger SMB or corporation may face millions of Rands in wasted productivity while its systems are down.

According to a 2023 study of hundreds of organisations, the average cost of recovery per file could amount to R2 750, which is an 8% increase from 2022. The costly consequence of a data breach can be determined by taking all of the above factors into consideration or by using one of the many “cost calculators” such as Arctic Wolf to estimate the cost to your company.

A major cyberattack could cost millions in total, but for a small monthly investment in secure cloud storage you can keep your data safe, updated, and encrypted.

Soteria’s range of cloud storage packages is the place to look if you’re serious about data security. To learn more, browse our product page or contact our team today.

Be Prepared for ransomware attacks | Ransomware

‘Tis the season to be careful: Avoiding ransomware attacks over the holidays

The festive season is upon us, and with it comes the unfortunate spike in crimes that accompanies the summer holiday season every year. Recently, cybercrimes have joined this trend with the number of ransomware attacks and other data breaches increasing in the December to January period.

As you prepare to close down for the summer and take a well-deserved break, cybercriminals are gearing up for a destructive holiday season. Here’s what SA families and business owners need to know in order to keep their data safe this year.

Africa: a prime target for cybercrimes

The African continent is ripe with opportunity, and internet adoption is running at double speed from Cape to Cairo – but cybersecurity is lagging, and that means huge vulnerabilities over the festive season and beyond.

  • The Interpol African Cyberthreat Assessment Report indicates that over half a billion internet users log on from locations in Africa. Internet penetration in countries like Kenya is over 80%, with SA approaching 60%.
  • Unfortunately, up to 90% of businesses in Africa are running sub-par cybersecurity protocols. This makes the continent a sitting duck for data thieves and ransomware hackers – and the festive season is the best time for them to strike.

Holiday season staffing opens vulnerability gaps

With many companies shutting shop for the festive season, skeleton crews will be taking the reins at IT departments around the country. That means fewer hands-on deck at a time of year when cyberattacks are at their peak.

South African companies typically have 50% of their cybersecurity staff on hand during the year-end holiday, compared with 80%-90% in other countries like Germany.

Securing your data during the year end break is essential, and it starts with secure passwords, cloud storage, and comprehensive backups. Making sure that these are in place before you close down for the holidays will let you rest easy as you enjoy a well-deserved rest.

Backup against ransomware attacks with Soteria Cloud

With reduced resources over weekends and during the holidays, assessing and assembling an incident response team in the event of a ransomware attack takes longer. Regular data backup is the best way to protect yourself against an attack at any time of the year.

We are an innovative cloud storage and backup service provider based in Cape Town. Learn more about what we offer and how it can keep your business data safe here.

Held to Ransom | Ransomware

Never too small to be held to ransom

Ransomware attacks affect businesses of all sizes, and although it’s usually the big names that make it into the media reports an increasing number of SMEs are falling prey to cybercrime and being held to ransom.

As a small business owner, online security needs to be one of your biggest priorities. Here’s why ransomware attacks are something that could affect your enterprise directly – and what you can do to reduce your chances of losing crucial information to cybercriminals.

Ransomware is on the rise and our alertness should be too

Recent reports indicate that ransomware attacks against South African businesses have increased sharply over the past year and this trend shows no sign of reversing.

Large cyberattacks on retail giants like Shoprite and banks such as Absa may give the impression that only large corporations are being targeted by criminals, but this isn’t necessarily the case.

  • SMEs are easy pickings for cybercriminals and particularly vulnerable to being held to ransom
  • Many SMEs believe that their small business is not worth targeting, and consequently, haven’t made the necessary preparations to protect themselves against a ransomware attack
  • A typical South African SME may have invested in antivirus software, a firewall or basic email security, but these measures may not be enough to keep a ransomware attack from happening – especially if they haven’t been updated recently.

Cybersecurity awareness may be lower in small businesses that don’t have a dedicated IT department. This can cause employees to be lax when it comes to their online behaviour, opening the door for a cyberattack.

Secure your business against online threats

SMEs make up almost 98% of business in South Africa and employ nearly 60% of our workforce. With the Covid lockdown companies moved to remote working, which came at a big cost to small businesses. Many have opted to keep a hybrid model which opens them up to an additional range of cybersecurity issues and makes them particularly vulnerable to ransom attacks.

To reduce the risk of a ransomware attack, small businesses should ensure that they have the following security measures in place.

  • A high-quality up-to-date firewall
  • Commercial grade antivirus software
  • Encrypted secure cloud storage
  • A comprehensive data security policy with training for employees
  • A communications policy that is designed to prevent unintended data leaks, including sensitive information like passwords.

No matter what size your business is, secure cloud storage is one of the best first tips you can take to keep your data safe. Get started with cloud backup today by browsing one of our packages for enterprise users.

Reporting a data breach | Cybercrime

Do I need to report a data breach?

According to the POPI Act, an organisation that gathers personal information about others is required to report any data leak or breach in security in a timely manner.

In other words, once you are aware of the data breach you should waste no time in informing the Information regulator and providing as much information as you can so that the organisation has a clear picture of:

  • exactly what kind of data was leaked
  • when it happened
  • who was affected

when do I need to report a data breach?

The number of data breaches affecting South African companies almost doubled over the past year, making it more likely than ever that your business may be affected by one.

For company owners and managers, dealing with the damaging effects of compromised data or a ransomware attack can be extremely stressful – and there’s also a further requirement that any compromised personal information needs to be reported to the authorities.

The POPI (Protection of Personal Information) Act places a strong duty on organisations that collect customers’ personal data to report data leaks in a timely manner. To help our customers comply with the regulations, let’s take a look at the POPI regulations and the responsibility of data collecting entities in more detail.

reporting data leaks is your legal obligation

As a business operating in South Africa, you are obliged to abide by the terms of the POPI Act. One of the regulations that companies need to follow is reporting data leaks to the Information Regulator of South Africa, a body which monitors and enforces POPI compliance.

Here’s what the law has to say about companies’ obligations to report compromised personal information:

  • In terms of section 22 of the POPI Act if there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person, the responsible party (your business) must notify the Information Regulator and the data subject (the victim of a data leak) and provide a comprehensive notification of the type of breach.

In other words, if you think a data leak or breach has occurred you need to let the Information Regulator of South Africa know about the incident in detail – without delay.

covering yourself: the benefits of complying with the POPI Act

Reporting incidents when the personal information of your client base has been compromised in a data leak is a legal obligation that will help keep your business on the right side of the law.

It’s also an action that could help you legally if one of the people whose information was leaked decides to take action against you in a civil case.

While the information in this article is a general overview of the law, we are not in the business of dispensing legal advice. When a data leak occurs, it’s essential to consult a lawyer who specialises in cybersecurity cases so that you follow a strategy that’s legally sound.

protect your business and customer data with secure cloud storage

There’s no doubt that complying with the POPI Act is a legal requirement, but it also can be a very stressful and time-consuming process. To reduce the risk of a cyberattack and the need to report compromised personal data, it’s essential to secure your company’s information using encrypted, cloud-based storage. To discover a package that’s right for your business, browse our service offerings today.

Defend your Data | Cybersecurity

Cybersecurity must haves to defend your data

If you are a regular reader of our blog, you’ll know that we’ve been  sounding the alarm about the rising tide of cyberattacks targeting SA companies and other institutions. Several large data leaks affecting well-known brands have been dominating the tech headlines since late last year, serving as a strong reminder that cybercriminals won’t be going away anytime soon but it’s never too late to defend your data.

In order to ensure the safety of your business data, it’s essential to take a holistic approach to dealing with online threats and resolving them from a data and financial point of view.

Here are some things  to consider when protecting sensitive information from hackers and online criminals.

ransomware: the threat is real

The Veeam Ransomware Trends report for 2022 reveals  that 9 out of 10 companies have experienced a ransomware attack, with one third of the data involved being unrecoverable.

  • In the case of large companies, ransomware attacks can be especially costly, with each incident involving an average of R7 million in ransom. Even if the company refuses to pay this type of amount, the damage to their brand and reputation could easily exceed it.

insure against cybercrime losses

No business would operate without physical insurance covering their premises and inventory. Yet many companies are inadequately insured against cybercrimes, exposing their owners and shareholders to costly financial losses.

2022 is the year to review your backup plan and your business insurance. It’s time to take a stand against cybercrime by protecting your business from cyber threats, and ensuring that if you’re security is breached, you are insured for any financial losses resulting from stolen data, lost sales, and damages claimed by customers whose information is lost in a data breach.

make sure your company is POPIA compliant

The Protection of Personal Information Act places extensive obligations on businesses to protect their clients’ information.

  • While ensuring your business against these losses as mentioned above, it is essential to ensure that you comply with the new law and take all necessary measures to protect your customers’ data.
  • This includes asking for permission to store and distribute any sensitive information that comes from your client base.

make secure cloud storage the backbone of your cybersecurity preparedness

Taking a simple step such as backing up your data in the cloud and encrypting it could help protect your sensitive information from cybercriminals while minimising the impact of a data leak or hacking attempt. Insuring your business against such an attempt or loss of data is a secure backup to your online backup.

To learn more about secure cloud storage and how it can benefit your business visit our website or contact us today.

Protect Yourself from Hackers | TransUnion Hackers

Here’s How to Protect Yourself from TransUnion Hackers (and any other Hackers)

Last month, TransUnion (one of the biggest credit bureaus in the world) suffered a hacking attack at its SA subsidiary with a $15 million dollar ransom attached. More than 3 million client records were stolen during the attack and a further 6 million IDs exposed, with hackers from the group N4ughtySecTU demanding payment in exchange for not releasing sensitive information of “28-million credit records” online.

Since the company refused to pay this astronomical amount, that they said was “extortion”, the stolen data could be circulating online right now – and any South African credit user could be affected.

If you’re worried about the implications of this huge cybersecurity breach, you’re not alone. Fortunately, there are some things you can do to protect yourself from hackers, even if your data has been compromised.

Let’s take a look at the latest news on the TransUnion leak and what you can do to secure your privacy.

millions of customers’ data is on the loose – now what?

In the aftermath of the TransUnion leak, millions of South Africans – including President Ramaphosa –  have become victims of cybercrime overnight. To find out if you were one of them, the best thing you can do is to contact Trans Union directly, although TransUnion advised that affected individuals had been emailed directly.

If you think that your information has been leaked, it’s important to remain calm while recognising that your personal data could be used by criminals. Some of the crimes that leaked data can be used for include:

  • Financial scams
  • Phishing emails
  • Telephone scans
  • Tracking your whereabouts to commit physical crimes
  • Identity theft using your name

If you suspect that you have become a target of online or physical criminals, it’s essential to notify the police immediately. You should also safeguard your information by following the steps below.

how to get back your privacy after the TransUnion leak

In the wake of the biggest data breach to affect a South African credit bureau, TransUnion is offering affected individual access to its TrueIdentity Service free of charge until the end of 2023.

It’s definitely worth accepting this offer, but that alone may not be enough to prevent your information being used by criminals.

Aside from regularly checking for updates from TransUnion, here are some other steps you can take to protect your privacy.

  • Change your passwords on all your important online accounts, including your email and electronic banking profile
  • Don’t use your name, children’s names, or place of work or residence as a password
  • Be especially suspicious of unusual phone calls, text messages, or emails from people claiming to work at your bank or credit card provider
  • Verify any requests for personal information
  • Never click on a suspicious link
  • Change your security questions
  • Keep a close eye on your bank accounts and credit reports

protect yourself from hackers

Taking the above steps should help you secure your data so that you can rest easy.

Wherever possible, activate a two-factor authentication on your accounts which will certainly help block automated attacks, however, it’s important to remember that hackers are sometimes able to bypass multi-factor authentication through bots. To ensure that your business and personal data is fully protected in the future, be proactive about your data security and choose one of our secure cloud storage solutions today.

Financial Services Ransomware Attack | Ransomware

Ransomware attack hits financial services firm Curo

Curo is one of the country’s best-known asset management firms with more than R2 trillion in its overall portfolio. The company was hit by a ransomware attack in early 2022 just as companies were returning from the festive season break, jolting the firm’s management and IT experts into action as they responded to the crisis.

Like many ransomware attacks, the Curo incident involved cybercriminals taking the company’s valuable data hostage and demanding payment in exchange for its release.

If your business found itself in a similar situation, your first instinct might be to pay and make the problem go away, particularly when you are unable to access your systems as a result of the attack. Surprisingly, Curo decided not to engage with the attackers and used IT specialists to regain control of its company data.

five days of downtime – how Curo weathered the storm

Financial services is an industry where every second counts. Fund managers need immediate access to investment data on an instantaneous basis in order to respond to changes in the markets, and clients expect regular updates based on the most recent and reliable financial information available.

When time means money and success and failure can occur in minutes, imagine being locked out of your data for five days. The potential for disaster was huge, but Curo averted a red alert situation with quick and responsible action.

Fortunately for the company, the ransomware attack didn’t affect highly sensitive customer information and Curo didn’t lose control of its financial assets at any stage of the incident.

This gave management some breathing room to strategise, and their final decision was to ignore the criminals behind the attack completely and focus on restoring their systems to full functionality.

Cyberattacks are sadly becoming daily occurrences in South Africa, as seen with the likes of Transnet, the Department of Justice and even African Bank who were all victims of ransomware attacks last year.

no business is safe from a financial services ransomware attack

Faced with a similar scenario, how would your business react?

Every business needs a response plan and a ransomware attack backup plan. It’s what you do in the hours and days following an incident that will enable to lessen the damage in just this kind of scenario.

save your data from a ransomware attack with secure cloud storage

Ransomware attacks can only target your business data if it’s vulnerable to being attacked in the first place. Secure cloud storage, implemented as part of an overall cybersecurity policy, can help keep your sensitive information out of the wrong hands.

If you’d like to secure your business data with a cost-effective and  highly secure cloud solution, our range of packages for individuals and businesses could be a great solution. To learn more about our services, contact us today.

Have the Right Credentials | Ransomware Attacks

Do you have the right Credentials to evade Ransomware attacks?

Ransomware is a particularly nasty type of malware that’s used to hijack your important business data and – like the name says – demand a ransom in exchange for its release.

Attacks of this type have been rising in South Africa, with big names like Transnet and most major banks having been hit by wily hackers. Protecting your business from this type of crime is a major priority in 2021 and beyond.

The cost both to your company’s finances and its reputation in the wake of a ransomware attack can be huge, and like all unpleasant things it’s always better to prevent it in the first place.

Having an excellent antivirus software, firewall and other data security measures in place as well as opting for secure cloud storage are all excellent ways to defend your business from ransomware. But here’s the thing: all of these great measures could still fail if you neglect a small but essential aspect of data security: secure user credentials.

make sure the authorised user is really you

One of the easiest ways for hackers and ransomware creators to access your data in the first place is by breaching the first line of defence. Yes, that’s your trusty old password.

  • AI-driven password cracking software is now capable of decoding an eight-letter password in a number of hours and a twelve-letter password in just a few days.
  • As the software advances, these processing times are likely to drop further, and that means one thing. The days of using a password as your only means of data protection are long over.

A password is a piece of information that you know – and that means that someone else can know it too just by stealing it. A better approach to data security is to use information like biometric data that’s a physical part of you.

New credential verification systems like those used by Microsoft and eBay are helping users around the world to go “passwordless”, separating identities and passwords once and for all.

keep your data safe with a cloud-based storage solution

If the headaches that come with securing your data on-site don’t seem worth it, it’s because they aren’t. Leave the security to us and opt for cloud storage for your enterprise. Contact us today to find out how.

Cybersecurity Vulnerabilities | Data Threats

Does your company have cybersecurity vulnerabilities?

As a 21st-century entrepreneur you possibly do a lot of business on the Internet. There’s no doubt it’s a great strategy, but it comes with its own set of risks. From data breaches to ransom ware and your run-of-the-mill viruses, there are a host of dangers out there on the web Continue reading Cybersecurity Vulnerabilities | Data Threats