Read time: 3 minutes

Denial only diminishes Africa's cyber security

By , Portals editor
Africa , 14 May 2018

Denial only diminishes Africa's cyber security

'It won't affect us' or 'we're not significant enough to be a target' reflects a mindset of denial that definitely exists in Africa and is playing into the hands of cyber criminals.

This is one of the points raised by Rick Rogers, the Area Manager for Africa at global cyber security solutions provider Check Point Software Technologies.

Rogers says many African organisations, especially the larger, high profile entities, understand the need to implement cyber security solutions at a government and management level, but this does not filter down to strategy, execution or deployment.

"Often businesses have the incorrect notion that if they have the correct technology in place, they'll be ok. Although technology is a vital component – user education around vigilant behaviour is equally important. Sometimes it's the C-level executives themselves that think they don't need to follow policy because they have the right solutions in place – and this sets the completely wrong tone throughout the organisation."

The weak point according to Check Point is that instead of deploying end-to-end solutions, businesses are still implementing solutions to protect isolated areas of the business.

Urgency is another issue impacting on the continent's defence capability says Rogers who adds that there is often a 12-to-18 month gap between a project's conceptualisation and its actual execution.

"But threats don't stand still. Businesses need to be more agile in their approach to cyber security and make decisions on what needs to be done more quickly," he says.

Cryptomining threat

Agility and urgency should be foremost on the minds of decision makers, particularly in light of a surge in cryptomining malware attacks globally and in South Africa.

Check Point's latest Global Threat Index for the month of March revealed the prevalence of malware known as the XMRig variant.

"In March, Coinhive retained its most wanted spot for the fourth consecutive month impacting 18% of organisations globally, followed by the Rig EK Exploit Kit in second (17%) while the Cryptoloot miner was third (impacting 15%). XMRig was the 8th most common malware variant, impacting 5% of organisations," the report stated.

Doros Hadjizenonos, Check Point Country Manager for SADC, says, "Cryptomining malware has been quite the success story for cybercriminals, and XMRig's rise indicates that they are actively invested in modifying and improving their methods in order to stay ahead of the curve. Besides slowing down PCs and servers, cryptomining malware can spread laterally once inside the network, posing a major security threat to its victims. It is therefore critical that enterprises employ a multi-layered cybersecurity strategy that protects against both established malware families and brand new threats."

So the technology is available, says Rogers, and adequately covers essential components including mobility, desktops, user devices, core networks and systems.

However, in order for businesses to benefit, they have to not only acquire the technology – they must deploy and use it effectively.

"This is why there is such significant emphasis on properly developing an ecosystem of skills across markets," adds Rogers.

Gen 5 attacks

"Technology is fantastic, but if businesses don't know how to use it, then they will fall short. The appropriate skill, knowledge and certification must be in place to take maximum benefit of the technology," he adds. "In order to build the necessary depth of skilled security personnel in Africa, security service providers need to ensure they are developing strong capabilities across their ecosystems."

Businesses on the continent will need all the skill (and mature solutions with strategically planned and executed incident response) they can muster if they are to effectively deal with what Check Point calls fifth generation attacks, those that are large-scale and multi-vector in nature – even state-sponsored in some cases, according to Rogers.

There is also the mobile frontier to deal with. It is accepted that mobile is the main channel of connectivity in Africa and Rogers says businesses understand that mobile devices are a window for cyber criminals to their organisations.

"But when it comes to decisions around budget, typically data centre security still wins the lion's share, and companies figure they will address mobile security at a later stage. But while research shows that it's still a relatively small number of phones that actually get hacked, even if just 1 or 2% of a business' phones are actually hacked, they will still provide the window for a much larger cyber security issue to emerge," Rogers explains

Mobile and issues like BYOD and MDM is definitely an ongoing discussion, he adds.

"For many clients, the issue with cyber security costs is that they snowball. They have to think of a solution for their data centre, desk tops, mobile phones, and the list only grows, adding up quickly. This is why many businesses are interested in an approach which takes away the pain of having too many vendors, consolidates management across operations and provides one single cost. "

Daily newsletter