Email security and cyber-resilience company Mimecast's '2021 State of Email Security' report showed that 47% of South African companies surveyed were infected by ransomware during 2020 and that 48% of South African organisations reported significant increases in the volume of email, but 12% still do not have any email security in place.
Phishing attacks surged by 57% since the pandemic began.
The companies that suffered ransomware attacks in 2020 experienced an average of seven days of downtime. More than half, 53%, of South African ransomware victims paid threat actor ransom demands, but only 60% of those were able to recover their data. The remaining 40% never saw their data again, despite paying the ransom, says Mimecast cybersecurity expert Brian Pinnock.
Additionally, 85% of South African respondents indicated that their companies had experienced a business disruption, financial loss or other setback in 2020 owing to a lack of cyber-preparedness, and identified ransomware as the chief culprit behind these disruptions.
"Our latest research shows that organisations are aware of their vulnerabilities, but are not making a commitment to implement technologies and conduct training that would improve their resilience against ransomware, phishing and other email-borne attack types," says Pinnock.
The pandemic-driven digital transformation of work has led to a huge increase in the volume of emails and email-borne threats across the globe, he points out.
"Organisations' cyber-preparedness is not keeping pace with the efforts of cybercriminals. The disruptive impact of the pandemic on the world of work and the growing digitisation of our daily lives have created prime conditions for cybercriminals and South African organisations are under immense pressure to urgently build greater cyber-resilience or risk significant damage from cyberattacks in the coming year," he emphasises.