Financial Impact of Cyberattacks | Cybersecurity

Quantifying the Financial Impact of a Cyberattack on SMEs – Cybersecurity

By now, most business owners who read our articles will be familiar with the financial impact that a Ransomware attack can have – and the amount of money that companies have had to pay cybercriminals to get their data back is just the tip of the iceberg.

The true cost of an online attack can be far more than the ransom demanded by hackers.

When factors like downtime, data recovery, forensics, system restoration, and potential fines from the Information Regulator are taken into account, falling prey to a cyberattack could cost your business hundreds of thousands or even millions of Rands.

In this article, we explore the financial impact of a cyberattack and provide some tips and tools for business owners to calculate the true cost.

Cyberattacks: what’s the damage?

Understanding the financial impact of a cyberattack is far easier when we consider the various costs that are involved in recovering from a crime like this.

A report from the Ponemon Instutite determined that of the 5 most vulnerable industries that experience data breaches – healthcare, financial, pharmaceutical, energy and industrial, the average cost of a breach in the healthcare industry exceeds $10,93 million (over R19 million).

In general, the cost of a cyberattack consists of the following factors:

  • Detection and client notification costs
  • Data recovery costs
  • Network restoration costs
  • The legacy costs of reputational damage and possible financial claims
  • Regulatory compliance fines

In the wake of a cyberattack or data breach, your business will need to jump into action.

In addition to having a cyberattack response plan so that your efforts remain calm and effective, you’ll need to quickly alert clients and anyone else whose data has been compromised and undertake the process of data recovery.

The POPI Act requires businesses to be good custodians of their clients’ data and take all possible steps to protect it before, during, and after a cybersecurity incident.

  • Failure to do so could result in heavy fines (capped at R10 million) or even prosecution.
  • Special insurance may be necessary for companies that handle vast amounts of client data should the incident be investigated by the Information Regulator.

In addition to compliance costs, expenses related to the restoration of your network can range from four to six figures depending on the size and scope of the damage.

  • Downtime following a cyberattack can cost your business a fortune in lost revenues and undeliverable products and services. A larger SMB or corporation may face millions of Rands in wasted productivity while its systems are down.

According to a 2023 study of hundreds of organisations, the average cost of recovery per file could amount to R2 750, which is an 8% increase from 2022. The costly consequence of a data breach can be determined by taking all of the above factors into consideration or by using one of the many “cost calculators” such as Arctic Wolf to estimate the cost to your company.

A major cyberattack could cost millions in total, but for a small monthly investment in secure cloud storage you can keep your data safe, updated, and encrypted.

Soteria’s range of cloud storage packages is the place to look if you’re serious about data security. To learn more, browse our product page or contact our team today.

Be Prepared for ransomware attacks | Ransomware

‘Tis the season to be careful: Avoiding ransomware attacks over the holidays

The festive season is upon us, and with it comes the unfortunate spike in crimes that accompanies the summer holiday season every year. Recently, cybercrimes have joined this trend with the number of ransomware attacks and other data breaches increasing in the December to January period.

As you prepare to close down for the summer and take a well-deserved break, cybercriminals are gearing up for a destructive holiday season. Here’s what SA families and business owners need to know in order to keep their data safe this year.

Africa: a prime target for cybercrimes

The African continent is ripe with opportunity, and internet adoption is running at double speed from Cape to Cairo – but cybersecurity is lagging, and that means huge vulnerabilities over the festive season and beyond.

  • The Interpol African Cyberthreat Assessment Report indicates that over half a billion internet users log on from locations in Africa. Internet penetration in countries like Kenya is over 80%, with SA approaching 60%.
  • Unfortunately, up to 90% of businesses in Africa are running sub-par cybersecurity protocols. This makes the continent a sitting duck for data thieves and ransomware hackers – and the festive season is the best time for them to strike.

Holiday season staffing opens vulnerability gaps

With many companies shutting shop for the festive season, skeleton crews will be taking the reins at IT departments around the country. That means fewer hands-on deck at a time of year when cyberattacks are at their peak.

South African companies typically have 50% of their cybersecurity staff on hand during the year-end holiday, compared with 80%-90% in other countries like Germany.

Securing your data during the year end break is essential, and it starts with secure passwords, cloud storage, and comprehensive backups. Making sure that these are in place before you close down for the holidays will let you rest easy as you enjoy a well-deserved rest.

Backup against ransomware attacks with Soteria Cloud

With reduced resources over weekends and during the holidays, assessing and assembling an incident response team in the event of a ransomware attack takes longer. Regular data backup is the best way to protect yourself against an attack at any time of the year.

We are an innovative cloud storage and backup service provider based in Cape Town. Learn more about what we offer and how it can keep your business data safe here.

Held to Ransom | Ransomware

Never too small to be held to ransom

Ransomware attacks affect businesses of all sizes, and although it’s usually the big names that make it into the media reports an increasing number of SMEs are falling prey to cybercrime and being held to ransom.

As a small business owner, online security needs to be one of your biggest priorities. Here’s why ransomware attacks are something that could affect your enterprise directly – and what you can do to reduce your chances of losing crucial information to cybercriminals.

Ransomware is on the rise and our alertness should be too

Recent reports indicate that ransomware attacks against South African businesses have increased sharply over the past year and this trend shows no sign of reversing.

Large cyberattacks on retail giants like Shoprite and banks such as Absa may give the impression that only large corporations are being targeted by criminals, but this isn’t necessarily the case.

  • SMEs are easy pickings for cybercriminals and particularly vulnerable to being held to ransom
  • Many SMEs believe that their small business is not worth targeting, and consequently, haven’t made the necessary preparations to protect themselves against a ransomware attack
  • A typical South African SME may have invested in antivirus software, a firewall or basic email security, but these measures may not be enough to keep a ransomware attack from happening – especially if they haven’t been updated recently.

Cybersecurity awareness may be lower in small businesses that don’t have a dedicated IT department. This can cause employees to be lax when it comes to their online behaviour, opening the door for a cyberattack.

Secure your business against online threats

SMEs make up almost 98% of business in South Africa and employ nearly 60% of our workforce. With the Covid lockdown companies moved to remote working, which came at a big cost to small businesses. Many have opted to keep a hybrid model which opens them up to an additional range of cybersecurity issues and makes them particularly vulnerable to ransom attacks.

To reduce the risk of a ransomware attack, small businesses should ensure that they have the following security measures in place.

  • A high-quality up-to-date firewall
  • Commercial grade antivirus software
  • Encrypted secure cloud storage
  • A comprehensive data security policy with training for employees
  • A communications policy that is designed to prevent unintended data leaks, including sensitive information like passwords.

No matter what size your business is, secure cloud storage is one of the best first tips you can take to keep your data safe. Get started with cloud backup today by browsing one of our packages for enterprise users.

Reporting a data breach | Cybercrime

Do I need to report a data breach?

According to the POPI Act, an organisation that gathers personal information about others is required to report any data leak or breach in security in a timely manner.

In other words, once you are aware of the data breach you should waste no time in informing the Information regulator and providing as much information as you can so that the organisation has a clear picture of:

  • exactly what kind of data was leaked
  • when it happened
  • who was affected

when do I need to report a data breach?

The number of data breaches affecting South African companies almost doubled over the past year, making it more likely than ever that your business may be affected by one.

For company owners and managers, dealing with the damaging effects of compromised data or a ransomware attack can be extremely stressful – and there’s also a further requirement that any compromised personal information needs to be reported to the authorities.

The POPI (Protection of Personal Information) Act places a strong duty on organisations that collect customers’ personal data to report data leaks in a timely manner. To help our customers comply with the regulations, let’s take a look at the POPI regulations and the responsibility of data collecting entities in more detail.

reporting data leaks is your legal obligation

As a business operating in South Africa, you are obliged to abide by the terms of the POPI Act. One of the regulations that companies need to follow is reporting data leaks to the Information Regulator of South Africa, a body which monitors and enforces POPI compliance.

Here’s what the law has to say about companies’ obligations to report compromised personal information:

  • In terms of section 22 of the POPI Act if there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person, the responsible party (your business) must notify the Information Regulator and the data subject (the victim of a data leak) and provide a comprehensive notification of the type of breach.

In other words, if you think a data leak or breach has occurred you need to let the Information Regulator of South Africa know about the incident in detail – without delay.

covering yourself: the benefits of complying with the POPI Act

Reporting incidents when the personal information of your client base has been compromised in a data leak is a legal obligation that will help keep your business on the right side of the law.

It’s also an action that could help you legally if one of the people whose information was leaked decides to take action against you in a civil case.

While the information in this article is a general overview of the law, we are not in the business of dispensing legal advice. When a data leak occurs, it’s essential to consult a lawyer who specialises in cybersecurity cases so that you follow a strategy that’s legally sound.

protect your business and customer data with secure cloud storage

There’s no doubt that complying with the POPI Act is a legal requirement, but it also can be a very stressful and time-consuming process. To reduce the risk of a cyberattack and the need to report compromised personal data, it’s essential to secure your company’s information using encrypted, cloud-based storage. To discover a package that’s right for your business, browse our service offerings today.

Defend your Data | Cybersecurity

Cybersecurity must haves to defend your data

If you are a regular reader of our blog, you’ll know that we’ve been  sounding the alarm about the rising tide of cyberattacks targeting SA companies and other institutions. Several large data leaks affecting well-known brands have been dominating the tech headlines since late last year, serving as a strong reminder that cybercriminals won’t be going away anytime soon but it’s never too late to defend your data.

In order to ensure the safety of your business data, it’s essential to take a holistic approach to dealing with online threats and resolving them from a data and financial point of view.

Here are some things  to consider when protecting sensitive information from hackers and online criminals.

ransomware: the threat is real

The Veeam Ransomware Trends report for 2022 reveals  that 9 out of 10 companies have experienced a ransomware attack, with one third of the data involved being unrecoverable.

  • In the case of large companies, ransomware attacks can be especially costly, with each incident involving an average of R7 million in ransom. Even if the company refuses to pay this type of amount, the damage to their brand and reputation could easily exceed it.

insure against cybercrime losses

No business would operate without physical insurance covering their premises and inventory. Yet many companies are inadequately insured against cybercrimes, exposing their owners and shareholders to costly financial losses.

2022 is the year to review your backup plan and your business insurance. It’s time to take a stand against cybercrime by protecting your business from cyber threats, and ensuring that if you’re security is breached, you are insured for any financial losses resulting from stolen data, lost sales, and damages claimed by customers whose information is lost in a data breach.

make sure your company is POPIA compliant

The Protection of Personal Information Act places extensive obligations on businesses to protect their clients’ information.

  • While ensuring your business against these losses as mentioned above, it is essential to ensure that you comply with the new law and take all necessary measures to protect your customers’ data.
  • This includes asking for permission to store and distribute any sensitive information that comes from your client base.

make secure cloud storage the backbone of your cybersecurity preparedness

Taking a simple step such as backing up your data in the cloud and encrypting it could help protect your sensitive information from cybercriminals while minimising the impact of a data leak or hacking attempt. Insuring your business against such an attempt or loss of data is a secure backup to your online backup.

To learn more about secure cloud storage and how it can benefit your business visit our website or contact us today.

Protect Yourself from Hackers | TransUnion Hackers

Here’s How to Protect Yourself from TransUnion Hackers (and any other Hackers)

Last month, TransUnion (one of the biggest credit bureaus in the world) suffered a hacking attack at its SA subsidiary with a $15 million dollar ransom attached. More than 3 million client records were stolen during the attack and a further 6 million IDs exposed, with hackers from the group N4ughtySecTU demanding payment in exchange for not releasing sensitive information of “28-million credit records” online.

Since the company refused to pay this astronomical amount, that they said was “extortion”, the stolen data could be circulating online right now – and any South African credit user could be affected.

If you’re worried about the implications of this huge cybersecurity breach, you’re not alone. Fortunately, there are some things you can do to protect yourself from hackers, even if your data has been compromised.

Let’s take a look at the latest news on the TransUnion leak and what you can do to secure your privacy.

millions of customers’ data is on the loose – now what?

In the aftermath of the TransUnion leak, millions of South Africans – including President Ramaphosa –  have become victims of cybercrime overnight. To find out if you were one of them, the best thing you can do is to contact Trans Union directly, although TransUnion advised that affected individuals had been emailed directly.

If you think that your information has been leaked, it’s important to remain calm while recognising that your personal data could be used by criminals. Some of the crimes that leaked data can be used for include:

  • Financial scams
  • Phishing emails
  • Telephone scans
  • Tracking your whereabouts to commit physical crimes
  • Identity theft using your name

If you suspect that you have become a target of online or physical criminals, it’s essential to notify the police immediately. You should also safeguard your information by following the steps below.

how to get back your privacy after the TransUnion leak

In the wake of the biggest data breach to affect a South African credit bureau, TransUnion is offering affected individual access to its TrueIdentity Service free of charge until the end of 2023.

It’s definitely worth accepting this offer, but that alone may not be enough to prevent your information being used by criminals.

Aside from regularly checking for updates from TransUnion, here are some other steps you can take to protect your privacy.

  • Change your passwords on all your important online accounts, including your email and electronic banking profile
  • Don’t use your name, children’s names, or place of work or residence as a password
  • Be especially suspicious of unusual phone calls, text messages, or emails from people claiming to work at your bank or credit card provider
  • Verify any requests for personal information
  • Never click on a suspicious link
  • Change your security questions
  • Keep a close eye on your bank accounts and credit reports

protect yourself from hackers

Taking the above steps should help you secure your data so that you can rest easy.

Wherever possible, activate a two-factor authentication on your accounts which will certainly help block automated attacks, however, it’s important to remember that hackers are sometimes able to bypass multi-factor authentication through bots. To ensure that your business and personal data is fully protected in the future, be proactive about your data security and choose one of our secure cloud storage solutions today.

Financial Services Ransomware Attack | Ransomware

Ransomware attack hits financial services firm Curo

Curo is one of the country’s best-known asset management firms with more than R2 trillion in its overall portfolio. The company was hit by a ransomware attack in early 2022 just as companies were returning from the festive season break, jolting the firm’s management and IT experts into action as they responded to the crisis.

Like many ransomware attacks, the Curo incident involved cybercriminals taking the company’s valuable data hostage and demanding payment in exchange for its release.

If your business found itself in a similar situation, your first instinct might be to pay and make the problem go away, particularly when you are unable to access your systems as a result of the attack. Surprisingly, Curo decided not to engage with the attackers and used IT specialists to regain control of its company data.

five days of downtime – how Curo weathered the storm

Financial services is an industry where every second counts. Fund managers need immediate access to investment data on an instantaneous basis in order to respond to changes in the markets, and clients expect regular updates based on the most recent and reliable financial information available.

When time means money and success and failure can occur in minutes, imagine being locked out of your data for five days. The potential for disaster was huge, but Curo averted a red alert situation with quick and responsible action.

Fortunately for the company, the ransomware attack didn’t affect highly sensitive customer information and Curo didn’t lose control of its financial assets at any stage of the incident.

This gave management some breathing room to strategise, and their final decision was to ignore the criminals behind the attack completely and focus on restoring their systems to full functionality.

Cyberattacks are sadly becoming daily occurrences in South Africa, as seen with the likes of Transnet, the Department of Justice and even African Bank who were all victims of ransomware attacks last year.

no business is safe from a financial services ransomware attack

Faced with a similar scenario, how would your business react?

Every business needs a response plan and a ransomware attack backup plan. It’s what you do in the hours and days following an incident that will enable to lessen the damage in just this kind of scenario.

save your data from a ransomware attack with secure cloud storage

Ransomware attacks can only target your business data if it’s vulnerable to being attacked in the first place. Secure cloud storage, implemented as part of an overall cybersecurity policy, can help keep your sensitive information out of the wrong hands.

If you’d like to secure your business data with a cost-effective and  highly secure cloud solution, our range of packages for individuals and businesses could be a great solution. To learn more about our services, contact us today.

Have the Right Credentials | Ransomware Attacks

Do you have the right Credentials to evade Ransomware attacks?

Ransomware is a particularly nasty type of malware that’s used to hijack your important business data and – like the name says – demand a ransom in exchange for its release.

Attacks of this type have been rising in South Africa, with big names like Transnet and most major banks having been hit by wily hackers. Protecting your business from this type of crime is a major priority in 2021 and beyond.

The cost both to your company’s finances and its reputation in the wake of a ransomware attack can be huge, and like all unpleasant things it’s always better to prevent it in the first place.

Having an excellent antivirus software, firewall and other data security measures in place as well as opting for secure cloud storage are all excellent ways to defend your business from ransomware. But here’s the thing: all of these great measures could still fail if you neglect a small but essential aspect of data security: secure user credentials.

make sure the authorised user is really you

One of the easiest ways for hackers and ransomware creators to access your data in the first place is by breaching the first line of defence. Yes, that’s your trusty old password.

  • AI-driven password cracking software is now capable of decoding an eight-letter password in a number of hours and a twelve-letter password in just a few days.
  • As the software advances, these processing times are likely to drop further, and that means one thing. The days of using a password as your only means of data protection are long over.

A password is a piece of information that you know – and that means that someone else can know it too just by stealing it. A better approach to data security is to use information like biometric data that’s a physical part of you.

New credential verification systems like those used by Microsoft and eBay are helping users around the world to go “passwordless”, separating identities and passwords once and for all.

keep your data safe with a cloud-based storage solution

If the headaches that come with securing your data on-site don’t seem worth it, it’s because they aren’t. Leave the security to us and opt for cloud storage for your enterprise. Contact us today to find out how.

Cybersecurity Vulnerabilities | Data Threats

Does your company have cybersecurity vulnerabilities?

As a 21st-century entrepreneur you possibly do a lot of business on the Internet. There’s no doubt it’s a great strategy, but it comes with its own set of risks. From data breaches to ransom ware and your run-of-the-mill viruses, there are a host of dangers out there on the web Continue reading Cybersecurity Vulnerabilities | Data Threats

Your A-Z List of Cybersecurity Threats

In today’s modern world of IT and the pace at which it develops you could be forgiven for thinking that you are forced to face a new cybersecurity risk or threat almost daily. Sadly, this isn’t far from the reality.

Cybercriminals are developing new cyber strategies just as quickly (or even quicker) than the pros are shutting them down. A consequence of these relentless cyberattacks is the need to ensure that you’re always fully aware of new and developing cybersecurity threat types.

Here’s a brief list of the most common cybersecurity threat types to be aware of this year.

  • apts – advanced persistent threats

This is a very sneaky type of attack, whereby the cybercriminal quietly infiltrates the network and remains there, undetected, for an extended period while slowly syphoning data from the network.

  • ddos – distributed denial of service

This type of attack involves hackers flooding a server, website or similar with a multitude of connection requests, packets, and messages. The outcome is a very slow system or a crashed system that legitimate traffic is unable to access.

  • insider threats

The term “insider threats” implies that the threat or risk is malicious, but this type of threat can also be through unintentional human error and negligence. These threats are human-caused data losses and breaches that typically come from customers, employees, and contractors.

  • malware

Malware is malicious software that is either purposefully or inadvertently (by clicking on an email link or attachment or visiting a risky site) downloaded to a computer. Once the malware is on the computer in the form of spyware, a Trojan, a virus, or worm, it starts to cause harm to the computer and the files saved on it.

  • mitm – man in the middle attacks

An MitM is a type of attack that involves eavesdropping. A hacker intercepts messages between two parties and relays them to a third party so that the information can be used for malicious intent.

  • phishing attacks

Even though phishing attacks are one of the most prominent ways of hackers getting inside computers and networks, many people still don’t really understand that phishing is a form of social engineering. Hackers create messages (emails, content) that appear to be from a legitimate source and send them out to people. When the recipient opens the message or email, they assume it is legitimate and follow the instructions in the message. This can lead to them inadvertently sharing their personal particulars, log in details, and even credit card details with a cybercriminal.

  • ransomware

Ransomware is a type of malware that is particularly malicious and damaging. When a hacker manages to get ransomware on a device (usually through an email link or visiting a risky website), they lock the user out of their own files by encrypting them.  When the user tries to access the files, a message pops up demanding a payment to decrypt the files on the device.

  • spear phishing

Phishing attacks are usually random, whereas spear phishing attacks target a specific person, business, or organisation. This type of attack is very strategic and includes advanced skills from the attackers. They aren’t just taking a chance on anyone – they’re after something specific.

  • social engineering

Social engineering takes advantage of human gullibility and error. This type of attack uses human interaction to lure people into breaking regular security processes to gain access to sensitive data. An example of social engineering is when someone phones you and says they are from the bank. They have some of your information but require you to answer a few security questions before they can proceed with the very official sounding call. You proceed to give them your full physical address, ID number, and banking details. You may even give them your card details if they request it. This is just one example of social engineering.

the importance of knowing what risks are out there

The value of the list above lies in the fact that you can only create a cybersecurity system and protocol for your business if you know what you are protecting it from. Threats are changing consistently, and as such, you will need to change, update, and enhance your security protocols consistently.

last word on cybersecurity threats

Protecting your data and devices is so much more than simply avoiding the hassle of encrypted files and crashing computers. It’s about protecting your clients, defending your company’s good image, and avoiding the risk of paying legal fees if you happen to mishandle someone else’s sensitive data. Familiarise yourself with the threats out there and get to work sprucing up your cybersecurity system today.

Do you know of any cybersecurity threats that don’t appear on our list? Let us know!