NEWORDER’s 2022 CYBERSECURITY OUTLOOK

The information and cyber security industries continually adapt their technology to a constant barrage of threats. At the same time, cybercriminals constantly work on new ways and techniques to steal data and extort money. South Africa is particularly vulnerable. A report published by Interpol in October 2021, “African Cyberthreat Assessment Report”, showed that South Africa had 230 million threat detections between January 2020 and February 2021. According to business analysts at Accenture, we have the third-highest number of cybercrime victims globally, costing our economy an estimated R2.2 billion a year. A study from the US found that 93% of hacking attempts are successful, and the attacker breaches the network perimeter, gaining entry to the local network resources. There is no reason to believe the situation in South Africa is any different.

Most InfoSec technology and professional services providers globally echo the same threat predictions for 2022 and beyond – that your organisation will suffer from a cyber attack at some point in time. However, NEWORDER can assist in mitigating your risk exposure by performing regular human skill-based penetration testing (Pen-testing) and vulnerability assessments to identify the areas such attackers might abuse to compromise your organisation.

“ Be proactive and don’t get breached! Let us identify your weaknesses before the cybercriminal do!!! ”

John Doe

Here is our view of some of the hazards to look out for in the coming year. It’s clear that the COVID-19 pandemic has significantly influenced the nature and severity of cyber threats.

Software Supply Chain Attacks

This happens when a cybercriminal exploits source code. Malicious code is added to one component, and the supply chain of that component becomes the distribution network, sending the code to targets. The Transnet hack in July last year was an example, and experts expect these attacks to become more common, as cybercriminals take advantage of the shift to hybrid working to target organisations’ supply chains. Therefore, regular penetration testing (Pen-testing) is essential to stay one step ahead of this threat.

Ransomware

Ransomware is likely to become an even more significant threat in the future. Although Africa ranks behind the rest of the world in ransomware detections, the continent saw the most significant increase in attacks last year. South Africa was the most targeted country in Africa for ransomware in Q1 2021. A report from business analysts KPMG estimates that working from home has caused a threefold increase in the risk of ransomware attacks, and demands will probably be costlier in 2022. Regular penetration testing (Pen-testing) is essential to stay one step ahead of this threat.

Edge Security

Hybrid working looks set to become the norm. Working from home and the growing Internet of Things (IoT) means hundreds of potential entry points for DDoS attacks and other security breaches. Edge security refers to protecting the “edge” of your network. A breach of edge security could expose credentials used to access the main data centre assets, leaving you vulnerable. Regular penetration testing (Pen-testing) is essential to stay one step ahead of this threat.

Business Email Compromise

Interpol cites BEC as one of the key threats Africa faces in 2022. There are multiple types of BEC, such as bogus invoices, CEO fraud, and account compromise. South Africa leads the continent with BEC attempts, although Africa, fortunately, saw less than 1% of global BEC attempts from 2020 to April 2021. However, this is likely to rise due to the economic potential of Africa. Vigilance employee training and awareness are your best defences against BEC.

Cryptocurrency

Cryptocurrency is anticipated to become a major target for cyberattacks. Africrypt was South Africa’s largest cryptocurrency exchange, but its founders suddenly disappeared with c.$3.6 billion in Bitcoin in 2021, claiming the exchange had been hacked. This was not the first South African cryptocurrency investment scam, and Interpol reckons it won’t be the last.

The Importance Of Pen-Testing

Penetration testing, or Pen-testing, tests the strength of your defences. When we carry out a penetration test, we probe your systems for common vulnerabilities that are exploitable, in the same way, an actual attacker would, and test your IT team’s response. As a result, regular Pen-testing will significantly reduce your risk of becoming the victim of a cyberattack.

Secure your network in 2022. For information on Pen-testing and the NEWORDER full range of Information Security and Cyber Security services, contact us today for a no-obligation discussion.