South Africa Exposes Continued Vulnerability in Latest Cyber Attack

#hacked #cybersecurity #southafrica #cyberinsurance

The most recent cyberattack on Transnet, the state-owned port and rail operator, offers a glimpse of the tip of the iceberg of cybersecurity problems in South Africa. As with many countries, the power of the economy depends on import/export abilities, and when the ports have to stop it creates a cascade effect that reaches everyone in lack of products, especially food. The week-long shut down due to what was greyly listed as an “IT disruption” halted everything from their communications, payroll, and even their website.

Denys Reva, an Institute for Security Studies SA maritime researcher believes the Transnet attack was likely on their Navis system. Reva indicated: “In the Transnet instance, it seems the attack has disrupted the Navis container operating system, which helps optimise the releasing and accepting of containers.” The reports from Transnet remain sketchy as they stated that no data was compromised, but experts say that it shouldn’t have taken a week to restore everything from backups.

This situation is an example of how vulnerable many of the organizations and businesses are in South Africa. Even with continued cyber attacks in SA and abroad, many simply don’t have a security strategy established for risk analysis, monitoring, and recovery. Independent companies have been experiencing cyber attacks for years and some simply don’t report them for fear of losing their reputation.

Experts in the cybersecurity world have been quietly whispering about the uptick in cyberattacks targeting large utility companies and government agencies. In the case of South Africa, they think the criminals may be taking advantage of the social unrest occurring due to the arrest of former present Jacob Zuma which has resulted in country-wide vandalism and looting. In other words, the focus is on a big event that allows them the ability to put their cyber-attacks in place. Some also speculate that these attacks could be a prelude to something even larger, such as a nuclear power plant which could potentially disable a huge area and require that demand for billions be paid.

Independent businesses look at this type of cyberattack with varying degrees of reservations; some even treating cyber attacks as a kind of “hasn’t happened to us” attitude. Those that are the savviest understand that cybersecurity is a cost of doing business in today’s world and have invested in cybersecurity insurance. The total price of a breach can extend into the millions and since cybersecurity insurance is crafted to address losses from such incidents as business interruption, network damage, and breach of data, it has become one of the trends for many organizations around the globe. In addition to cybersecurity insurance, companies are bringing cybersecurity specialists to analyze their risks establish best practices that can help in reducing the price of the insurance.

Sources:

businesstech.co.za/news/it-services/510640/south-africa-building-database-of-security-specialists-as-it-recovers-from-major-cyber-attack/

dailymaverick.co.za/article/2021–08–01-cybersecurity-south-african-companies-are-ripe-for-hackers/

cybersentinel.co.za/cyber-news-south-africa-loses-r2–2-billion-to-cyber-attacks/

cisa.gov/cybersecurityinsurance#:~:text=That%20coverage%20provides%20protection%20against,data%20breaches%2C%20and%20legal%20claims

https://davinciforensics.co.za/cybersecurity/cyber-insurance/

africacenter.org/spotlight/africa-evolving-cyber-threats/

Originally published at https://davinciforensics.co.za on August 15, 2021.