Awareness is key to survival

22.10.20 09:40 AM Comment(s) By Jonathan Faurie

As we look forward to the end of the year, we have officially reached the 10th level of Jumanji (the year that is 2020).


With all that has taken place this year, it is easy to forget that we face massive challenges outside of surviving the current pandemic that we are facing. Cyber security was an issue long before Covid-19 was even a thing, and the month of October is usually dedicated to cyber security awareness.


This is more important this year than in previous years because of the fact that cyber criminals are taking advantage of the pandemic to increase their activity, and we are heading towards Black Friday which will most likely either be an exclusively online event this year or there will be a heavy reliance on it as Governments around the world only permit stores to allow a certain number of people to shop at any given time.



Cyber awareness month was started in the US and has gained global traction over the past few years. This is important because cyber security is not a localised issue, it is global! This years theme is: Do Your Part. #BeCyberSmart.


The article points out that this theme is designed to encourage individuals and organizations to own  their role in protecting their part of cyberspace. This year sees a massive emphasis on personal accountability plus the importance of taking proactive steps to enhance cybersecurity at all levels of a business.


Looking into the some of the essential points during NCSAM, for Digital Journal, was Raif Mehmet, the VP of EMEA at Bitglass.


In the context of a new focus on personal responsibility, Mehmet told Digital Journal, “in recent years there has been a major shift in the way businesses conduct their operations and how employees do their work. And then in recent months…the shift from office-based to home-based work, combined with a lack of adequate forward planning, has been a painful transition for many. "


The article pointed out that it is also important to consider the shifting landscape under COVID-19, says Mehmet:. This means additional challenges and complications around remote working "Few respondents have said they were fully prepared for remote working when the pandemic hit. From a security perspective the picture is concerning."


Change of culture means a change to cybersecurity. With this, Mehmet told Digital Journal, "today, across many organizations, corporate culture has changed dramatically. Many people now access, share, and store data in a variety of ways, using diverse services and devices."


Going forwards, Mehmet told Digital Journal, "with the shift to remote working shaping to be long term, businesses can no longer afford to improvise when it comes to data protection. Organizations must invest time and resources into finding appropriate security solutions that are capable of securing data in a remote environment. There’s a wide range of highly effective products and solutions like cloud access security brokers, and user and entity behaviour analytics that can quickly provide visibility and control, no matter how geographically dispersed a workforce is."


This National Cybersecurity Awareness Month should act as a reminder for organizations to equip themselves with the proper tools to avoid data leakage and other security risks.”

Increased threats

The threat landscape for cyber crime is always increasing.


The article points out that Europol, the European Union’s law enforcement agency, warns that cybercrime has spiked over the past year in large part due to the COVID-19 pandemic.


Europol’s findings were detailed in its annual Internet Organised Crime Threat Assessment, released Monday. The assessment highlighted ransomware attacks, such as those targeting health care organizations, as one of the most persistent cyber threats during the pandemic, including attacks involving hackers threatening to auction off data if a ransom is not paid.


The article adds that the distribution of child abuse material online has also increased during the COVID-19 pandemic, including livestreaming of sexual abuse. Other concerns have involved SIM swapping, in which the hacker takes over a SIM card on the individual’s phone to intercept a two-factor authentication code, and the increased use of the dark web for criminal activities.


“Ransomware in particular remains a priority threat encountered by cyber investigators across the EU,” Europol Executive Director Catherine De Bolle wrote in an introduction to the report. “The amount of online child sexual abuse material detected continues to increase, further exacerbated by the COVID-19 pandemic, which has had serious consequences for the investigative capacity of law enforcement authorities.”


The article points out that phishing emails and online scams have increased, with Europol noting that cyber criminals are increasingly targeting the vulnerable online during the pandemic and that disinformation has become easier to spread during the period of uncertainty.


“Users become vulnerable and receptive to disinformation and fake news due to the paradoxical oversaturation with available information combined with a perceived lack of trustworthy sources of news that reinforce some of the users’ preconceived notions and beliefs,” Europol wrote in the report. “Disinformation can also be linked to cybercrime in efforts to make social engineering and phishing attacks more impactful.”


Edvardas Šileris, head of the European Cybercrime Centre, said in a statement that the report is “an essential resource for EU’s law enforcement and policy makers,” emphasizing that “cybercrime is an evolution, not a revolution.”


The article points out that Europol’s report was released the same day Interpol, an international law enforcement agency, launched a new campaign to warn individuals of ongoing online cyber crime, highlighting phishing emails, ransomware and online crimes against children as key threats.


“Even the most Internet-savvy person can fall for a cybercriminal’s tricks, so it’s important that everyone keeps their guard up when navigating the virtual world,” Craig Jones, Interpol's director of cyber crime, said in a statement.


The article adds that Cyber threats have increased around the globe during the pandemic, with health care groups and other organizations involved in responding to COVID-19 particularly targeted.


Microsoft reported last week that “COVID-themed attacks” were targeting health care and vaccine research groups, with attacks observed by at least 16 “nation states actors.” 


The article points out that the Treasury Department also warned of the dangers of ransomware attacks, which have become increasingly widespread over the past two years and have brought the city governments of Atlanta, Baltimore and New Orleans temporarily to their knees.


Risky business

Because of the nature of the industry, any company in the financial services sector is potentially at risk to cyber crime. This was evident in the recent Experian data breach.


Covid-19 has increased unemployment around the world and has forced many people to dip into personal savings to fund medial expenses. There is definitely an increased focus on finances and making good financial decisions.


I recently read an article which pointed out six ways in which companies in the financial services sector are potentially at risk when it comes to cyber crime:


-  Supply chains introduce increasingly interconnected attack surfaces. Financial institutions have complex, interdependent supply chains. These offer a broad, target-rich attack surface that adversaries can undermine. Attackers have been conducting supply chain attacks for years. However, supply chain threats to financial institutions in the past year have primarily involved technology service providers (TSPs), including managed service providers (MSPs) and cloud service providers (CSPs). Core financial TSPs and IT service providers have been affected by ransomware incidents, disrupting services for some of their financial institution clients;

-  Credential and identity theft continue to accelerate. Credential and identity theft, compromise and abuse continue to be cornerstones for targeted attacks and fraud. As novel coronavirus, COVID-19 spread across the globe, financial institutions moved rapidly to adjust their operations. Cybercriminals also moved swiftly to take advantage of the expanded attack surface presented through largely remote workforces and rich feeding ground for fraud from the extensive government funding programs extended through financial institutions to small businesses in greatest need. Credential-stealing malwares surged, including mobile malwares such as EventBot19 and Cerberus which are collectively capable of stealing customer credentials for more than 200 financial institutions. The premier seller of Cerberus noted their sales increased exponentially in early April 2020, netting them more profit in a single week than the prior four months combined;

-  Data theft and data manipulation stems from new vulnerabilities and cybercriminal behaviors. While threat actors continue to target data their motivations often go beyond theft to include destruction and disruption. A new wave of cyberattacks sees data no longer simply being copied, but being destroyed—or changed—breeding distrust. In late 2019, security researchers disclosed a Microsoft Azure vulnerability referred to as BlackDirect. If not remediated, threat actors could exploit this vulnerability to steal sensitive data, compromise production servers, manipulate data, or even encrypt all of a victim organization’s data (ransomware). This vulnerability disclosure came as financial institutions and regulators were scrutinizing cloud security vulnerabilities and related cyber threats following the large scale data theft from a major United States financial institution;

-  Emerging technologies, especially deepfakes and 5G, advance cyberthreats. As technology rapidly advances, cyberdefenders and adversaries alike are exploring means of using cutting-edge tools. In particular, malicious actors recently used deepfake to increase the effectiveness of their campaigns. As the world adopts fifth generation mobile networks, threat actors will seek to gain new advantages with 5G technology. The opportunities for 5G in financial services  presents risks, including those raised by governments including supply chain threats, software vulnerabilities, organized cybercrime, espionage as well as cross-sector threats;

-  Destructive and disruptive malware attacks spur multiparty and cross-sector targeting. Threat groups leveraging ransomware are targeting multiple related parties at once globally. On August 16, 2019, more than 20 entities in Texas, United States, reported ransomware attacks, prompting a coordinated state and federal response to a multi-jurisdictional cybersecurity event that was the first of its kind.37 Testing the resilience of the affected entities, this multiparty attack is a bellwether indicating the likelihood of additional concurrent, disruptive attacks. A proactive cyberdefense plan that incorporates multiparty attack simulations with industry and crossindustry peers could help financial institutions be better prepared to face this threat; and

-  Misinformation shakes trust in retail and government-backed banks. Disinformation and misinformation is not only a threat to efforts to manage COVID19, it also impacts the financial sector. Multiple United States entities, including the NASDAQ, Securities Exchange Commission and FINRA have warned of spikes in market manipulation in the wake of the COVID-19 pandemic. Often, market manipulation involves elements of disinformation or misinformation directed at influencing unsuspecting investors to aid criminal actors’ objectives. Some groups undertaking these activities, as well as pumping and dumping (a form of securities fraud that involves artificially inflating the price of a stock through false positive statements), have been connected to cyber intrusions in the past. Bad actors can take advantage of high market volatility which could further reduce confidence in the economy.


The article adds that security teams in the financial services sector are experiencing even more exacting demands as they defend their organizations in a world under a new and unexpected threat — a global pandemic, says a new Accenture report, "2020 Future Cyber Threats: The latest extreme but plausible threat scenarios in financial services."


Malicious threat actors are taking advantage as organizations reconfigure vulnerable supply chains and offer more digital experiences. Working from home has opened a pandora’s box of new attack vectors and workforce challenges — including those from insider threats. And there are challenges around rethinking culture and collaborative practices as organizations seek to outmaneuver uncertainty in the future.


Massive threats on the horizon

The end of the years means that we are approaching Black Friday. As pointed out earlier, this year will be a strange affair as there will be a heavy reliance on e commerce. Companies with a virtual presence will cash in.


The article pointed out that, while not expected to show the same growth as previous years, retail mega-event Black Friday could still help local retailers struggling to make up lost lockdown revenue, especially for those with an online presence, according to South Africa's largest payment gateway, DPO South Africa's PayGate.


Newfound comfort in online shopping

“The bleak economy, dented disposable income and a very uncertain future will take its toll on transactional growth this year when compared to the record years that have gone before," says Peter Harvey, MD of the DPO South Africa, including PayGate, PayFast and SiD Secure EFT.


“It will, however, still serve as an immensely valuable opportunity for retailers to bolster their annual revenue numbers. For small retailers especially, it’s not too late to establish a digital presence to take advantage of the expected shift in favour of e-commerce shopping this year.”


The article added that, in 2019, PayGate numbers showed Black Friday trading volumes spiking by 400%, compared to an average trading day. Overall there was a 35% year-on-year transactional volume growth for the Black Friday and Cyber Monday shopping week.


“This year we think the total Black Friday spend will be down across the board, but we see e-commerce sales matching 2019 numbers. The lack of disposable income will be countered by the newfound comfort in online shopping, with lockdown driving first-time digital shopping experiences,” Harvey predicts.


Black Friday bargain hunting

The article pointed out that, on a positive note, Harvey says local shoppers can expect to find some great bargains this shopping holiday as retailers fight to capture what disposable income is available.


“Consumers should be aware that the average South African shopper has become Black Friday savvy and bargain hunters will be filling carts ahead of time to ensure they just have to checkout as soon as the sales begin,” says Harvey.


Lessons learned from previous years will extend to the payment ecosystem which supports the sale days.


“The banks, PSPs and card associations are all ready for the surge in transactions and so technically we are confident of a well-managed experience this year. Teams on standby around the clock and careful monitoring will be a matter of course,” he says.


The article added that, looking at the basket breakdown, Harvey says it is reasonable to assume that the product mix will be different this year. Baskets may include fewer big-ticket items and DIY and home improvement products could receive a boost this year with shoppers having spent a good deal of time at home over the past few months.


“Apart from the home improvement sector, the travel and tourism sector is one to watch this year. We can expect a jump in experiential purchases as people look to feed their desire to get out of the house and into the world.


"While international travel remains fairly limited, both by cost and by the list of countries who will admit visitors, local tourism is sure to benefit from some spend come November. This is great news for our local travel businesses which should ensure they are ready with great deals for a cabin-fevered public,” Harvey advises.


Get online if you want a piece of the pie

The article points out that, the past few years has seen a surge in traditional brick-and-mortar retailers taking their businesses online. However, for the many who have yet to make the leap, Harvey says there is still time to set up a simple, robust digital solution to take advantage of the seasonal shopping spree.


“Getting an e-commerce offering up and running is imminently possible between now and 27 November. Given South African’s growing preference for online offerings it would be foolhardy to miss out on all that potential business, especially this year as even more shoppers will choose to go digital rather than risk crowded stores and malls.”


“We know it’s going to be difficult to predict anything this year. Everything remains uncertain, but I do think we can expect to see the 2020 e-commerce numbers remaining steady. This opportunity is definitely something our local retailers will want to take advantage of and so some early planning will make all the difference,” Harvey advises.


However, this means that there will be a lot of business for cyber criminals who will be eager to present seemingly good deals to those who are on the hunt for them.


Basic steps

It may seem like basic advice. However, the foundation of cyber security is as simple as changing your online passwords often and to avoid passwords that are linked to you (birthdays, anniversaries, children’s names etc).


It is amazing how many companies do not follow this advice.


The article pointed out that when 1 in 4 or 25% of respondents say they cannot remember changing their online password, there is cause for concern. The data is from a new survey and report from PC Matic looking at the struggles with password management.


PC Matic Online Passwords Survey

The article added that businesses and individuals must take more precautions because passwords are one of the weakest links when it comes to cyber security, according to the report.


Remembering Passwords: Close to 70% of respondents say they have more than one email address. And this, the report says, is making people remember each password mentally (55%). Others write their passwords down (26%) and use a password manager tool (19%).


The article pointed out that, based on this data, the report says people are most likely using the same password for multiple accounts. Moreover, the passwords are probably not meeting the advanced complexity measures to ensure proper password hygiene.


What is Password Hygiene?

Password hygiene is a set of best practices for ensuring your passwords are strong and secure. This is always worth repeating because people are still using default passwords in 2020. In this survey alone 53% of individuals say they still use a default password on their wireless router.


Tips from PC Matic

For Individuals:

- Change passwords every six months and reuse them;

- Use difficult passwords;

- Enable multi-factor authentication;

- Have password lockout thresholds on all your devices;

- Do not access your personal accounts when you are on your company’s network; and

- Take cybersecurity training.


For Employers:

- Implement password hygiene best practices;

- Mandate cybersecurity training for all employees;

- Demand your employees to update their passwords every 90 days;

- Do not allow the recycling of passwords;

- Have employees connect to a VPN before starting work-related tasks;

- Enable multi-factor authentication for access privileges;

- Apply filters for online activity; and

- Have default predetermined password threshold lockout times for computers.


There are a lot more things to be aware about this cyber security awareness month. Stay tuned to GTconsult to have access to all of this information. 

Jonathan Faurie

Share -