Security expert warns of unprecedented phishing attacks in SA

IT Web

South Africa is witnessing an unprecedented increase in both simple opportunistic cyber attacks and complex targeted attacks, which are increasingly using sophisticated techniques in an effort to avoid detection, an industry expert has warned.

Mimecast cyber security expert Brian Pinnock says the main way to protect against phishing attacks is to maintain a healthy scepticism and not click on links or open attachments from suspicious sources.

Pinnock was reacting to a News24 report that the Hawks and SAPS Crime Intelligence were investigating the possible hacking of e-mails sent and received by president Cyril Ramaphosa and his advisor surrounding his 2017 ANC presidential bid.

The report says the laptops of Ramaphosa’s closest aides were targeted with malware and phishing attacks.

Pinnock cautions: “Maintain strong cyber hygiene by keeping all devices fully patched and at the latest available version of the operating system. Avoid downloading applications that ask for too many privileges beyond the scope of what they are used for.”

The warning by Pinnock comes as Avast recently discovered over 70 flashlight apps on the Google Play Store that requested 50 permissions or more, like the right to record audio.

“Don’t reuse passwords across applications and sites. Rather use a password manager as well as two-factor authentication.”

He adds it is critically important to protect e-mail servers as e-mail is the number one attack vector for the initiation of cyber attacks.

“These attacks take one of three forms (sometimes in combination). Firstly, e-mails containing benign-looking attachments that are in fact weaponised documents. We have seen an increase in the use of Microsoft Excel as well as Word documents.

“Secondly, e-mails containing malicious links that appear to take you to well-known Web sites but are either designed to harvest your security credentials or download malware onto your computer. Thirdly, spear phishing e-mails containing no malware or links but that use social engineering techniques to get users to transfer money or information to the threat actors.”

Pinnock says the sad reality is that most South Africans’ personal data is already available due to the master deeds data breach that occurred in 2017.

The data breach is recorded as SA’s biggest security lapse to date, as it compromised the personal information of about 30 million South Africans.

Pinnock advises that in the event of a suspected breach “change all affected passwords immediately. Take impacted devices offline. Try to determine what was stolen or get professional help.

“Ensure there are viable backups or copies in a third-party data store. Do not trust the integrity of data stored in the cloud if you suspect a breach. Contact relevant financial institutions and authorities such as banks and find out what steps they can put in place. Put steps in place to identify if identity fraud is, or will be, taking place, like contacting credit bureaus.”