Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label South Africa. Show all posts
Trend Micro
AI Cyber Security Cyber security landscape South Africa Threat risks Trend Micro

The Complex Landscape of Cybersecurity Threats in South Africa


Trend Micro has recently revealed that, in the course of 2023, it has detected over 86 million email threats, nearly four million malicious URLs, and more than 4,000 malicious mobile apps targeted at South African businesses and consumers’ systems.

The revelation comes at a time when South Africa is witnessing consistent complexities in its cybersecurity threat landscape. 

The revelations were made in Trend Micro’s 2023 Midyear Cybersecurity Threat Report, which presents findings gleaned from in-depth telemetry involving millions of business and consumer clients. The research sheds light on both threat actor actions and new trends in criminal tactics, providing security defenders working to outwit crafty cybercriminals with useful advice.

The Developments Made in Ransomware 

In the first half of 2023, Trend Micro was able to block around 15 million malware families, with ransomware posing a significant threat to regional organizations. Notably, only in June were around 2,500 ransomware detections reported. The Midyear Report digs deeply into the evolving strategies used by ransomware groups, including how they have modified tools and methods for more effective data extraction and how their revenue models have changed.

One of the risks arises from the newly discovered ‘Mimic’ ransomware, which cleverly deploys legit search engine tools to locate files for encryption. Apparently, Mimic has certain links with the notorious Conti ransomware group, further indicating the cooperation between these criminal organizations for the sake of lowering costs, expanding their market reach, and engaging in ongoing criminal activity. The report also highlights a change in ransomware groups' priorities, with a specific focus on data exfiltration involving bitcoin theft and corporate email compromise (BEC). 

AI’s Influence on Cybercrime Activities 

Another trend that came to light in 2023 is the growing use of AI by threat actors in conducting cybercrimes. On one hand, South African companies are adopting AI technologies to up their game, and threat actors are also embracing high-end technologies to design more complicated cyber scams. These scams may include virtual kidnapping, where it may use AI for deepfake voice generation to force the victims into paying the ransom amounts.

Additionally, AI tools like ChatGPT have given cybercriminals the ability to automate data collection, create target groups, and recognize weak behaviours, making it simpler to launch harpoon-whaling attacks. These attacks entail the deceptive targeting of executives via emails that are highly tailored, urgently written, and contain details specific to the target. The effort needed to target CEOs has been greatly decreased thanks to the usage of AI, making it simpler to shoot for a big target.

Innovations Expending Threat Risk

Threat actors are continually looking for new ways to attack people as advancements progress. Attackers want to gain access to user account data to enable crimes with the rise of linked cars. Cybercriminals may identify and break into vehicles for theft or other illegal acts after hijacking accounts or acquiring credentials through phishing or malware; they may even target the owner's home location for a break-in while they are away.

The reason behind threat actors’ interest in South Africa is the increased uptake of smart home networks (SHN). Trend Micro found more than 1.5 million inbound SHN attacks in the nation during the first half of 2023. Smaller platforms, such as file transfer services like MOVEit, business communications software like 3CX, and print management software options like PaperCut, have become more vulnerable as a result of these attacks.

Zaheer Ebrahim, Solutions Architect for the Middle East and Africa at Trend Micro further highlights that the unending complexities now seen in hacker tactics pose a severe threat to local businesses. Given the constantly changing world of digital security, he emphasizes the significance of identifying potential risks and threats in order to make wise decisions and proactively build cybersecurity defences.  

Read more »
Southern African Fraud Prevention Services
Cyber Crime Cybercrime Capital Nigerian Prince Phishing Schemes South Africa Southern African Fraud Prevention Services

SA may Surpass the ‘Nigerian Prince,’ Becoming Africa’s New Cybercrime Capital


A surge in cybercrime activities can be witnessed in South Africa, which poses a threat to surpass the notorious "Nigerian Prince" scams and make SA the continent of Africa's epicenter of this crime. Notably, the rise is despite the passing of the Cybercrimes Act in SA. 

Rise in Cybercrime 

A recent TGC Forensics report highlights the spike in cybercrime activities. It notes that there has been a 356% increase in identity frauds between April 2022 and April 2023, citing a report by Southern African Fraud Prevention Services.

According to Jackie Smith, head of the Buyers Trust – a subsidiary of Ooba Group – South Africa is vulnerable due to a number of variables, including economic growth and a quickly evolving digital environment.

He further noted that cybercrimes are rather “easy to commit,” and that around 90% goes unreported. 

“Cybercrimes can be committed by anyone with access to a cellphone and an internet connection, making these crimes incredibly easy to perpetrate[…]And, with only an estimated 10% of cybercrimes reported to the police, criminals feel they can operate without consequence,” he added. 

In regards to the Cybercrimes Act bill, which was signed in June 2021, media law experts claimed that the act missed opportunity. He said that although the act sought to address important problems South Africa faced, the language employed was “broad and vague.”

Cybercrime Thrives in SA

Another reason why South Africa is turning into a cybercrime hub is because of a lack in proper training of police officers to deal with cybercrime cases. This further flourish organized crime syndicates notably in the property sector, which has turned into a convenient target for cybercriminals.

Smith claimed that because to the transactions made by buyers, sellers, tenants, and landlords, these parties are vulnerable to phishing scams and data breaches. One of the most common phishing scam being the ‘deposit phishing schemes.’

Deposit Phishing Schemes

Deposit phishing schemes are carried out where cybercriminals impersonate legitimate real estate agents or legal officials to secretly intercept emails between buyers and sellers. This way, they reroute the buyer's deposit into their accounts. The fraudsters are so precise that they blur the difference between genuine emails and the fraudulent ones.

In order to protect oneself from these phishing scams, Smith has suggested the following measures:

  • Be wary of email links and attachments.
  • Confirm the email sender.
  • Validate the website’s authenticity.
  • Abstain from sharing sensitive data through email or unfamiliar websites.
  • Use secure, transparent third-party options for deposit transactions.
One may note that these scams may soon surpass the Nigerian Prince scam, which is among the first online fraud schemes to target people's money and personal information.

Read more »
Vulnerabilities and Exploits
Cyber Criminals Intelligent Mining Mining Online Security security threat South Africa Vulnerabilities and Exploits

New Cybersecurity Vulnerabilities are Being Discovered Using 'Intelligent Mining'

 

When brute force attacks shut down operations and force mines to pay a ransom, "intelligent mining" activities have emerged as the gold mine for cybercriminals. 

Dr. Pierre Jacobs, the head of cybersecurity operations and compliance at CyberAntix, a member of the Sizwe Africa IT Group, holds this opinion. According to him, cyber security breaches have reached a point where they have legalised this dishonest behaviour, giving criminals the opportunity to commit cybercrimes in conditions that are very similar to those of legitimate organisations. Lone hackers are still around and may wish to stop production for fun or to see how far they can go. 

“South African mining companies are no exception,” Jacobs stated. “The transition from traditional mining practices to intelligent mining is exposing the industry to a new frontier of cyber threats.” 

74% of internet businesses have had serious Computer breaches, according to Fortinet research, and this problem was made worse by the Covid-19 outbreak. With an 11% increase in network intrusions, the mining and manufacturing industries in particular experienced a sharp rise in infiltration activity. 

Attackers are focusing their efforts on Industrial Control Systems (ICS) in a variety of industries because these systems regulate a wide range of automated processes, including measuring devices, packaging equipment, and all the other assembly-line parts that are essential to any production process. Attackers are aware that by focusing on these systems, they might negatively impact business operations. 

Although ICS devices are frequently specific to industries and used for specialised systems or activities, they are normally less well-known than enterprise information technology (IT) devices like laptops, desktops, and smartphones. In this sector, cybercriminal activity is becoming more organised and specialised. 

The bulk of cyberattacks on mining businesses aim to disrupt corporate operations and threaten supply chains by stealing intellectual property and other important data, such as geotechnical studies and production plans. According to Jacobs, the Internet of Things (IoT) is a threat to mines with any amount of automation (IoT). Criminals frequently use email platforms as their first method of entry in all sectors. 

Any of these devices—desktops, laptops, smartphones, even the workplace printer—can serve as entry points for hackers. The fact is that mining operations in South Africa are also impacted by geopolitical concerns, rising geopolitical dangers, and intermittent conflicts between other nations, especially Western nations and China. Mines from throughout the world compete with South African exporters. Competitors worldwide would benefit from any disruption to our supply systems.

Cybersecurity breaches are caused by a number of factors, including a lack of understanding of the Industrial Internet of Things (IIoT) and the Internet of Things (IoT), supply chain weaknesses, lax security procedures used both internally and by outside contractors, identity theft, and insufficient incident response. 

"Strategies to mitigate risk should seek to identify and understand the business models and motivation of the cyber criminals. Businesses also need to understand the risks and vulnerabilities of their industry and anticipate threats," Jacobs concluded. "People, processes, and technologies all pose risks, and to address cyber security threats, it’s important to take a three-pronged approach to security – one that focuses on people, processes, and technologies. The challenge is to secure the enterprise by locking all the information entrance gates to bridge any gaps in the system. Identify critical business systems and then identify risks against those systems. Secure protocols need to be in place wherever there is a connection to the Internet. Real-time monitoring and investigation are vital." 
Read more »
Threat Group
Black Axe Gang Cyber Crime Interpol Interpol Operation South Africa Threat Group

Cybercrime Gangs Are Expanding Across Africa: Investigators Warns


Police and investigative experts of the sub-Saharan region of Africa have cautioned of cyber criminal gangs, that are recently advancing in size and power by exploiting the vulnerabilities caused during the global economic crises and the Covid-19 pandemic. 

As claimed by the authorities, both of the mentioned situations have given rise to newer opportunities for online criminals to rake in large assets without risking being caught. 

This growth has a direct impact on the rest of the world, where many victims of “hugely lucrative” fraud live, a senior police official says. 

According to Prof. Landry Signé, a senior scholar and study author at Brookings Institution, the Covid-19 crisis has apparently resulted in the growth of digitalization globally. As online activities boosted, criminals, targeted critical digital infrastructure. 

“The Covid-19 pandemic has accelerated digitalization around the world, but as life has shifted increasingly online, cybercriminals have exploited the opportunity to attack vital digital infrastructure […] States across Africa have emerged as a favorite target of cybercriminals, with costly consequences,” says Professor Signé. 

Nigerian Black Axe Gang

Interpol describes online frauds like banking and credit card frauds as the most pervasive and severe cyber threat across Africa. The Covid-19 pandemic has resulted in a sustained rise in the number and advancement of cyber-attacks, with more than half being targeted at online banking platforms, as per the analysts.

A major operation organized by Interpol this month, across 14 countries, emphasises the scale of cybercrimes across the continent and beyond. 

Police later detained more than 70 alleged fraudsters in connection with the Nigerian cyber threat group known as ‘Black Axe’ in South Africa, Nigeria, and Ivory Coast, as well as in the Middle East, Europe, south-east Asia, and the US. 

Moreover, about 50 residents were being investigated, with $1 million confiscated from bank accounts. Additionally, an apartment building, three vehicles, tens of thousands of dollars, and about 12,000 sim cards were seized. 

Reportedly the Black Axe gang started out as a student organization, originating in Benin City, in the 1970s and later evolved into a worldwide criminal network, specializing in frauds. As per the US court filings, the group later claimed a regional headquarters in South Africa in the year 2013. 

Authorities reportedly discovered phones and other equipment that were known to be used by Black Axe scammers, in Ireland. While tracing the group’s vocabulary, the investigators linked the group to West Africa. 

A former South African criminal intelligence official says that although the fraudulent activities have comparatively reduced, one cannot assume that the organization has ceased operations. The official continued that these criminals manage their operations very well, and they have found solutions to all the issues. 

A Major Base for Organized Crimes

As reported by The Guardian, South Africa has emerged as a headquarter for organized crimes. 

South Africa apparently hosts the Black Axe organization, while also helping them proliferate worldwide. In this regard, Interpol further said, “as well as hosting Black Axe groups, South Africa also helps enable their spread to other parts of the world … Black Axe members come to South Africa to obtain South African citizenship, which facilitates their travel to the US, Europe or Dubai.” 

Along with other acts of cyber fraud, threat actors in Africa generally targets victims via online dating services and apps, deceiving them into false relationships in order to acquire money or sensitive information about the victims. 

Not only South Africa, Kenya as well has evolved into a significant base for digital extortion schemes, believes the FBI and Interpol. Thus, making the continent a major base for cybercrime activities.  

Read more »
Subscribe to: Posts (Atom)