OPINION PIECE: Cyber Security

| A node for African thought

OPINION PIECE: Cyber Security

OPINION PIECE: Cyber Security

Cybersecurity is the method and set of tools used to defend electronic systems, communication systems, software platforms, and sensitive information against online threats. The word “cyber-attacks” is generic and refers to many different things, but some of the most well-known ones are:

  • Altering the systems and data contained
  • Resource exploitation
  • Confidential material being accessed and gained illegal information about the target system
  • Interrupting the business functions and its procedures’ regular operations

Attacks that can compromise security and espionage systems are increasingly more creative and complex. Therefore, it presents a significant task for each business and security analyst to rise to the occasion and repel these assaults. Experts have warned that dangers are greater than ever before as the cyber scourge even runs the risk of undermining public confidence in such treasured concepts as democratization, economics, and confidentiality. The sector continues to have a chronic dearth of cybersecurity expertise. Cyberattack costs are rising. The techniques that hackers employ to abuse information also improve with innovation. Organizations are now more dependent than ever on technology, which makes businesses a potential target for cybercrime. Over $20 billion is anticipated to be spent by organizations on ransomware in 2022[i]. The sophistication of hackers is increasing. targeting institutions like hospitals, schools, and government buildings that can afford larger ransom fees by 2023, it is  projected that the harm to have increased by another 50%, reaching $30 billion.

Throughout the pandemic, working remotely has become the latest trend. However, whilst working remotely permitted organizations to remain operational as normal, it also provided a gateway for cybercrime. Over 50% of organizations are now more likely to employ contractors because of the transition to working remotely brought on by COVID-19, said a 2021 labour trends analysis[ii]. According to the cybersecurity company CyberArk[iii], 96% of firms provide these outside parties access to their vital systems, opening a potentially vulnerable entry point for attackers to use to access the data of these businesses.

Now let us take a closer look at the many sorts of threats and attacks in order to better appreciate the necessity for cyber security measures and their procedures:

Social Engineering

Since this focuses more on dumb negligence than technical faults, this is nevertheless one of the riskiest hacking methods used by criminals. Since it is far simpler to mislead an individual as it is to compromise a security system, such threats are even more harmful. But it’s obvious that cybercriminals are aware of this, as 85% of all cybersecurity incidents involves social interaction, per the Verizon’s Data Breach Investigations report[iv]. Attacks using cryptocurrencies increased drastically between October 2020 and April 2021[v], and they’re anticipated to continue to pose a significant threat as Bitcoin and other blockchain-based currencies gain acceptance and value.

Third-Party Exposure

Cyber attackers can circumvent security measures by infiltrating unprotected networks belonged to outside parties who have accessibility to the criminal’s central focus. Somewhere at the start of 2021, attackers exposed personally identifiable information from over 214 million Facebook, Instagram, and LinkedIn profiles, which is a good demonstration of a third-party attack. By hacking Socialarks, a third-party company which was contracted by all three organizations and had connectivity to their systems, the attackers got access to the information.

Configuration Mistakes

Sometimes security systems designed and set up by experts almost certainly have at minimum one mistake. In a run of multiple assessments, the cybersecurity software vendor Rapid7[vi] discovered susceptible misconfigurations in 80% of external vulnerability testing. The percentage of vulnerable compatibility issues increased to 96% in experiments when the intruder had inside access privileges. The cumulative effects of the COVID-19 pandemic, political and social instabilities, and continuous financial hardship are most likely to contribute to more reckless workplace blunders in 2022, which will open up more possibilities for criminals to profit from.

Poor Cyber Hygiene

This is referring to customary technology usage behaviours and procedures, such as avoiding unsecured WiFi networks and using security measures like a VPN or multi-factor authentication. Regrettably, study reveals that South Africans’ online safety practices might use some improvement[vii]. Since more people are working remotely, weak password-protected applications are now accessible from unsecured wireless routers, sticky note credentials are commonly used in open coffee bars, and employees are signing in using personal devices that are far more likely to be misplaced or confiscated. Businesses and individuals who don’t update their cyber procedures run a lot more risk than they did in the past.

IoT Attacks

Nearly every day, the Internet of Everything spreads further and further (according to Statista.com, the number of devices connected to the IoT is expected to reach 30.9 billion by 2025)[viii]. Naturally, this encompasses computers and tablets, it also covers routers, webcams, home appliances, smart watches, medical equipment, industrial equipment, transportation, and even home security systems.

Users consider interconnected gadgets convenient, and many firms are already using them to cut costs by acquiring vast volumes of analytical data and simplifying operational procedures. IoT networks are more susceptible to cyber intrusions and infections as a result of the increased risk that comes with more mobile networks. IoT devices can be exploited to wreak havoc, overload networks, or shut down crucial equipment for financial gain once they are under the control of hackers.

Connected Cars and Semi-Autonomous Vehicles

A connected car makes use of its internal sensors to enhance both passenger and motorist convenience. Usually, this is accomplished by smartphones, tethering, or integrated connectivity. The connected car is becoming more and more common as technology advances. This advancement in car production and design presents hackers with yet another chance to take advantage of flaws in unsecure systems, steal important information, and/or endanger drivers. Along with safety issues, networked cars also raise significant privacy issues.

How To Protect Yourself from Emerging Cyber Threats

Preventing emerging cyber threats is more manageable than fixing the aftereffects of cyberattacks. Here are a few best practices to keep your devices safe from hackers and scammers:

Use antivirus and network protection software on all your devices

Antivirus software scans for, finds, and blocks malware to keep your devices secure. Regrettably, a basic antivirus technology alone won’t be sufficient given the number of digital threats in today’s society. You require comprehensive digital protection software.

Don’t ignore system and software updates

Always follow the instructions for software updates and update your device’s software frequently! One of the simplest methods to protect yourself against new cyber risks is to do this. System and software updates are purposefully made available by vendors as a defence against online threats. Do not disregard them.

Use strong passwords, Two-Factor Authentication, and a password manager

The primary and sole source of protection from hackers is frequently passwords. Use a blend of alphabet, numerals, and special characters to create secure passwords. Avoid using everyday language or identifying information. Utilize two-factor or multi-factor authentication for additional security. This transmits a unique code that can only be used once, together with your username and password. Skip two factor authentication on SMS, though, as it can be compromised. Use an access token app alternatively, like Google.

Keep regular backups of all your files

Frequently backing up your files is a mitigation strategy to protect yourself from new online risks. If you have a website, pick web hosting companies that give automatic backups. Make sure you have multiple versions of your data backup. They can be kept in the cloud or on an external hard disk.

Stay up-to-speed with the latest attacks

Learning more about new cybersecurity threats will help you be better prepared and knowledgeable of popular hacking techniques. Because they won’t encounter any pushback, hackers enjoy it when their targets are unaware that they are being attacked. So that you can spot the warning signs of fraudulent activity and understand what you should do if you receive an unsolicited email, equip oneself with as much information as you can.

– Themba Shozi and Paul Tarwireyi, academics in the Computer Science Department

Picture: supplied

[i] https://www.gartner.com/en/webinar/429297/1012387

[ii] https://www.upwork.com/research/future-workforce-report

[iii] https://www.cyberark.com/resources/ebooks/third-party-privileged-access-to-critical-systems-ebook-1

[iv] https://www.verizon.com/about/news/verizon-2021-data-breach-investigations-report

[v] https://assets.barracuda.com/assets/docs/dms/spear-phishing_report_vol6.pdf

[vi] https://www.rapid7.com/globalassets/_pdfs/research/rapid7-under-the-hoodie-2018-research-report.pdf

[vii] https://cybercrime.org.za/law

[viii] https://www.statista.com/statistics/1101442/iot-number-of-connected-devices-worldwide/

Leave a Reply

Your email address will not be published. Required fields are marked *