Ransomware attacks increase; APTs a long-term threat to South Africa

25th July 2022

By: Schalk Burger

Creamer Media Senior Deputy Editor



Cybersecurity multinational Kaspersky says that, from January to April, ransomware attacks in South Africa doubled compared with the same period in 2021, and advanced persistent threats (APTs) are a growing concern in the region.

Ransomware has become the most significant cyberthreat of the times, and government departments, organisations across industry sectors and individuals are all being targeted.

This growing threat requires the reprioritisation of cybersecurity countermeasures, says Kaspersky Southern African Development Community territory account manager James Gumede.

“The types of cyberattacks in the local market we are seeing impacting businesses and across different industries reinforce the need to be vigilant and educate employees on what constitutes cybersecurity best practice, especially as cybercriminals' tactics and methods evolve,” he says.

Kaspersky's research also shows that governments, diplomatic entities and education institutions are increasingly being targeted by APT groups. APTs often stay undetected for months and, typically, focus on high-value targets, such as well-known companies and government departments.

“Such is the extent of this threat that South Africa has joined Nigeria and Egypt as the three most targeted countries on the continent. We have found that one of the most active threat actors in this regard is TransparentTribe.

“This group focuses on diplomatic entities, educational institutions, government departments, and the military. It uses macro-based malicious documents to penetrate organisations and universal serial buses (USBs) that can steal data from air-gap networks,” highlights Gumede.

Another group very active in South Africa is Lazarus. This threat actor focuses on stealing money and sensitive information, possibly for national security purposes. It targets everyone from the military and government to telecoms and pharmaceutical organisations.

“Lazarus has a long history of being behind some of the most devastating attacks in the world that include the Bangladesh heist in 2016. Having such an influential threat actor active in the country is cause for major concern,” he adds.

“The attack on [State-owned logistics agency] Transnet last year showed that a successful ransomware breach can stop any business dead in its tracks, and result in significant financial and reputational repercussions.

“However, for a hospital or other critical infrastructure, not being able to access data and systems could become a matter of life and death,” adds Gumede.

Tracking, analysing, interpreting and mitigating against these constantly evolving cybersecurity threats can place a massive burden on already strained company resources, and it is for this reason that using an integrated threat intelligence portfolio of solutions is so critical, he says.

“By integrating up-to-the-minute threat intelligence feeds containing information on suspicious and dangerous Internet protocols, uniform resource locators and file hashes into existing security systems, security teams can inject a level of automation into the process that significantly frees up their time. This enables the organisation to improve and accelerate its incident threat response and forensic capabilities,” he says.

Using a threat intelligence solution empowers the company to prevent the exfiltration of sensitive assets and intellectual property from infected machines. Having the ability to detect infected assets quickly will help ensure the business can stay ahead of malicious threat actors, he adds.

“Threat intelligence creates an environment where the company can detect and prevent attacks like ransomware and APTs from taking place.

“Effective cybersecurity has evolved and now requires threat intelligence to be incorporated into the entire defensive footprint of a company to safeguard itself from the most significant threats facing them today,” concludes Gumede.

Edited by Chanel de Bruyn
Creamer Media Senior Deputy Editor Online


