MainOne links up with Orange, Minkels to boost connectivity

MainOne goes
with Orange

Companies announce
major investment.

Wednesday, Sep 19th

South Africa, prepare for more cyber attacks

South Africa, prepare for more cyber attacks

Cyber security solutions firm Fortinet has issued a stern warning to South African businesses and organisations: prepare for an escalation in cyberattacks as digital criminals expand targets to home network devices and mobile devices.

According to Fortinet's Global Threat Landscape Report for Q2 2017, 90% of organisations recorded attacks targeting system and device vulnerabilities that were at least 3 years old – even though updates and patches that corrected those vulnerabilities had long been available.

The company says that even more alarming is that approximately 60% of organisations reported successful attacks that had targeted vulnerabilities that were 10 or more years old. Moreover, 1 in 20 of such attacks today target mobile devices, such as Android-based smart phones and tablets.

Fortinet adds that cyber attackers target a wide range of known vulnerabilities in these devices − known collectively as IoT − in order to control them remotely, collect users' data, or install malicious code.

"That allows attackers to aggregate millions of similarly compromised devices into huge cyber weapons known as botnets that can be used to generate huge volumes of data traffic that can overwhelm and shut down targeted online organisations or cripple Internet traffic," the security company adds.

Fortinet recently released the findings of the 2017 Global Enterprise Security Survey, which, for the first time, included South Africa.

The survey examines the changing attitudes towards security in business during July/August 2017.

"With ransomware, data breaches and other cyberattacks successfully infiltrating organisations on a daily basis, sometimes it can be hard for the board to find somebody to blame. In some cases it's obvious, such as when identified malicious insiders are the culprits. But other times, when the cause is not so blatant, the hammer will usually come down on the office of the CIO/CISO and their team. And in some cases, they may be correct to do so – sometimes everything may not be up to scratch, from both a technology and a process perspective," the company explains.

IT security spend

Paul Williams, country manager – Southern Africa at Fortinet, said based on information from the survey, IT security spend on security has increased as has knowledge of the prevalence of cyber security attacks like malware and ransomware.

"If you look at the wannacry virus that hit us with regards to the beginning of this year, 24% worldwide were affected, and (in) South Africa it was 25% ... although we think we're outside the realm of global, sometimes we are affected as badly if not worse sometimes with certain viruses," he said.

Despite the increase in spend, the reality is that it is not enough to date Williams continued. "If they were spending 20% two years ago, they are now spending 40% or 35%, so it is not a dramatic increase, it's just an increase."

When it comes to knowledge of security and general awareness, the survey found that on a management level and IT department level, most people in the organisation understand cyber security threats but often lack the knowledge of physically understanding advanced threat prediction mechanisms and what technology is available to facilitate this.

According to Williams the main message to the market is that security is a reality and a grudge purchase perhaps, but any company in any vertical has to take responsibility – and this means proactive input from all role-players (including the CIO, CTO and CFO) to understand the implications of security breaches.

This involves security technology policies, governance model review and other security implications across the board.

Williams explained that while there are parallels that the rest of Africa can draw from the South Africa findings, it is necessary to take a country-specific approach.

"With the rest of the continent, you have to be more country specific...for Nigeria, West Africa English speaking I would say perhaps 70%, for English speaking East Africa and Egypt I would say also again 70%, and for North Africa I would say about 80%. And also some of the countries in between that the answer is really 40% or 30%, because the maturity value of the security personnel and the understanding cyber security in those countries is very low."

ALSO ON ITWEB AFRICA

Zim's passport applications go online Published on 09 August 2012

Digitisation of the process is aimed at clearing a backlog that has affected the nation for years.

MTN's Nigeria crisis deepens Published on 06 September 2018

Whistleblower heightens tensions between operator and local authorities in the company's biggest African market.

MainOne links up with Orange, Minkels to boost connectivity Published on 14 September 2018

Companies enter JVs to construct new base stations, branches and datacentre sites.

Workonline Communications further expands European presence Published on 19 September 2018

Workonline Communications has announced installation of a Point of Presence (PoP) in Interxion's data centre campus in Marseille.