This article first appeared on IT-Online on 22 June, 2015
According to a cybercrime report compiled by global Internet security firm, Norton, South Africa lost R3,7-billion in 2012 as a result of cybercrime.
This number is sure continue to rise in parallel to the continued rapid expansion of the Internet – the technological phenomenon which, although becoming available for commercial use just two decades ago, now plays an integral part in both our personal and professional lives.
The South African government’s State Security Agency (SSA) has expressed growing concerns around Internet usage and the extent to which both private individuals and businesses have begun to rely on it. “With Wi-Fi being implemented almost anywhere, being online is as important as running water and electricity nowadays,” says Entelect’s GM of Business Development, Mark Beets, “More and more businesses have become fundamentally reliant on the Internet and connectivity in order to operate. The importance of maintaining the integrity of these systems, not only for their customers but also for business continuity, has become one of the biggest challenges.”
While increasing mobility is celebrated for rapidly enhancing our daily lives and business processes, it is also creating more complex security threats. ‘While many cybercriminals still practise the more ‘small-time’ crime of hacking individual computers or devices, the masses of information now stored and run through cloud-based and connected servers have also seen a marked increase in cybercriminals attacking organisation infrastructure through online touch-points,” Beets explains. “This poses a substantial threat to any individual with personal or sensitive information stored digitally, across any number of devices, as well as to large businesses that have based their systems on digital platforms and infrastructure.’ The primary goals of cybercrime include theft, extortion and fraud, which all have potentially devastating consequences for victims.
Further increasing the risk to personal information is the continued growth of the Internet of things (IoT). ‘With information constantly being sent and received by a massive number of sources, ranging from your office equipment and personal devices to your refrigerator at home and even your clothes, means that the amount of data being stored in the cloud by any individual is increasing exponentially. As a result, the risk of data breaches is increasing in parallel,’ explains Beets. ‘Soon the use of Internet will be extremely difficult to avoid because the IoT is becoming the modus operandi of many companies and individuals for their day to day processes, and as such, education on data security is becoming more and more crucial.’ Vodacom’s Chief Technology Security Officer, Vernon Fryer, has been quoted as saying that South Africa is the fourteenth most popular target for cybercriminals, with South Africans underestimating how at risk they are when sharing information and using the Internet.
Among a variety of troublesome trends, which were flagged in the CISCO 2014 Annual Security Report, Android mobile devices bore the brunt of 99 per cent of all mobile malware (malicious software). Furthermore, the report indicated a shortage of more than one million security professionals across the globe in 2014. ‘Most organisations at the moment do not have the required systems or skills to be able to monitor networks and detect infiltrations, and then apply protections in a timely and effective manner,’ Beets continues.
According to Beets, software organisations can play an important role because they have the ability to empower their clients and educate them regarding the potential risks to their businesses. ‘A proper understanding creates the opportunity to proactively take the necessary precautions to protect themselves from cybercrime, which is vital to the survival of most modern businesses and the protection of their sensitive or personal information.’
Based on the most notorious cybercrimes, Beets offers the following advice to companies and individuals:
Beware of unrecognisable links: do not click on these links when they are sent to you. This is a tactic used by hackers called phishing. Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to get individuals to reveal personal information online. These emails could be spam and expose you to fraudulent activity. Your systems can also be infiltrated by hackers when you download content from unknown sites, which can be triggered automatically by clicking on these suspicious links.
Update your passwords regularly: up to three times per month. This is crucial to ensure your online information is secured at all times. Do not use birth dates, graduation years, or your mother’s maiden name as security answers to access your online accounts – this makes a hacker’s job even easier. By generating strong passwords you can make it much harder for hackers to break into your computer via the back-end code of the system.
Understand that identity theft is real: identity theft has become increasingly common and is something everyone needs to worry about. Identity theft is when a criminal accesses data about a person’s bank accounts and bank cards, social security and other sensitive information, to siphon money, engage in contracts or to make purchases in the victim’s name. Always logout of your accounts properly – this is a good policy to protect yourself against identity theft and cyberfraud, which is the distribution of rogue security software to conduct fraudulent transactions.
Protect against malware: malware is Internet-based software or programs that are used to disrupt a network and steal sensitive data, often causing damage to software present in the system. Malware can be installed in a variety of forms, from Trojan horses and spyware to viruses and worms. Investing in reputable security, firewall and anti-virus systems is crucial, and even with these in place, it is advised that you make use of public wireless internet providers sparingly. These Wi-Fi networks that are available in airports, coffee shops and hotels often do not require encryption of data traveling between laptops and the Internet. This means that all your information is unsecured to hackers.
Avoid sharing devices with others: if you must and want your personal information to be undetectable by the person with whom you are sharing, you can browse incognito through the use of Google Chrome. By using Chrome, your browsing history and cookies will not show up in the history stored on device programmes. However, incognito mode does not hide your IP address, which means that your location, browser, operating system, as well as your own address, are not hidden by using this mode.
Scramble your information: one way to do this is to make use of a Virtual Private Network (VPN). VPNs allow users to make sure that all information that passes between your device and the network is subjected to extreme encryption, making data safer.
‘While we are aware of a certain number of cybercrimes, hackers develop new techniques constantly to trick you into unwittingly sharing your personal information,’ warns Beets, ‘Knowing how to protect yourself can significantly add value and safety to your life online. Be cautious!’ he concludes.