By Prof. Danny Myburgh, Managing Director at Cyanre – The Digital Forensic Lab
Between 2019 and 2020, South Africa went from being largely ignored on chat boards on the dark web to spiking in interest. Since these chat boards are where cyber criminals discuss and access ransomware and other software to attack and infiltrate networks, it’s not good news for South African organisations.
These marketplace networks that can only be accessed on the dark web offer phishing and fraud-related activities that enable cyber criminals to make lucrative profits by creating, operating, and selling stolen data.
The statistics tell us everything we need to know.
According to Accenture’s Insight Into The Cyberthreat Landscape In South Africa report, South Africans suffered 577 malware attacks per hour in 2019, 22% up from the previous year. As a whole South Africa experienced R2.2 billion in losses due to cyberattacks, and fraud via mobile banking applications doubled.
The State of Ransomware 2021 report reveals that the average ransomware attack costs a South African company over R6.4 million. Across the globe, the cost of recovery from a ransomware attack has more than doubled in the space of one year. Attackers have moved from larger scale, generic, automated attacks to more targeted ‘human hands-on-keyboard’ hacking. The result is fewer but more successful attacks that are harder to recover from, and with ransomware available on the dark web for as low as $100 (around R1,700), even the most unskilled criminals can successfully pull off cybercrimes.
A 2021 report from security firm Kaspersky revealed that more than 40% of victims of ransomware attacks in South Africa pay the cybercriminals responsible to try to secure or recover their data. Unfortunately, in many cases, the criminals simply disappear with the money. Only 29% of victims were able to restore all their encrypted or blocked files following an attack, whether they paid or not.
The statistics can be daunting. Cybercrime is one of the biggest threats facing organisations today, and from paying ransoms to being unable to operate, to the reputational costs of a data breach, the impact can be devastating.
Here’s what the landscape looks like at a global level and for South African organisations.