Ransomware – a type of malware that stops people from using their computers and accessing their data until a ransom is paid to the creator – is rearing its head in South Africa. Specialist IT security vendor, Securicom was commissioned by three local businesses in late 2014 to assist with removing ransomware from systems and recovering data.
The company’s Richard Broeke, says ransomware infections are going to become more common.
“Ransomware is a very real problem that is rearing its head in South Africa. Cyber criminals literally hold a company’s data hostage. Globally, millions have been hit with ransomware, and experts are predicting that the next targets will be smaller businesses. South African companies aren’t immune,” he warns.
Ransomware effectively encrypts data and either prevents or limits users from accessing their systems. Victims are forced to either lose their data or pay a ransom through online payment methods to get it back.
Computers can be infected with ransomware through a variety of ways. The malware can be downloaded unwittingly by users when they visit malicious or compromised websites. It can also arrive as a payload, either dropped or downloaded by other malware. Some ransomware are delivered as attachments in spam emails.
Once it is in, ransomware either locks the computer screen; encrypts certain files with a password, or locks files like spreadsheets and documents. Ransomare isn’t new. It first emerged in Russia around 2006. Evolving over the years, newer ransomware variants really began to spread in 2012 to Europe, Canada and the United States.
In January this year, the Federal Bureau of Investigation in the United States issued an alert for computer users to stay vigilant of ransomware scams, as they are on the rise, naming CryptoWall as one of the latest threats.
According to Broeke, of the three companies that Securicom assisted with ransomware infections in 2014, only one was able to recover their data. Another company, where the CFO’s laptop had been infected, actually went as far as to pay the ransom in order to recover critical data – which hadn’t been backed-up. Fortunately, in this instance, the data was returned.
“Paying the ransom is never a guarantee that the data will be returned, and experts agree that this isn’t the ideal remedy anyway. The more companies continue paying ransoms to have their data released, the more viable and profitable it is for hackers to continue.
“Sure, some of the less sinister ransomware variants can be removed with a few specific tricks, and without losing files. But, with some variants that isn’t the case. The best way to deal with ransomware is to prevent it from happening in the first place. Prevention is far better than cure.”
When it comes to prevention, Broeke says companies need to re-focus on IT security.
“This is where South African companies, smaller ones in particular, tend to fall short. The slowing of the economy has meant budget cuts, resulting in less spend, fewer resources, and less focus on security.
“The benefits and importance of investing in premium security solutions cannot be underestimated. If the three companies we worked with last year had an up-to-date and effective IT security solution in place, those infections would have been prevented.
“Security software is only as good as the last update. With threats always evolving, security software needs to be updated, and the security status of the network, and endpoint eco-system, needs to be monitored constantly.
“Backing-up data is also an important defense against ransomware. Users can use a dedicated external hard drive for backups, plug it in, complete the data backup and then make sure to unplug the drive. A better strategy is using a cloud-based backup system. Back-ups can be scheduled, providing isolated copies of data in case a computer gets infected.
“Companies should look at a managed service if they don’t have the necessary resources in house. Outsourcing IT security means companies can access best-of-breed security technologies and expert advice,” concludes Broeke.
Securicom is a leading managed IT services vendor in Africa, with global presence. It is one of a handful of local vendors to offer an end-to-end range of fully managed IT security services for the cloud, from the cloud. Its consumption-based services are available through a select partner network in Africa.
Securicom’s holistic suite of solutions provides comprehensive weaponry and proactive defence against the host of threats that afflict businesses today from endpoint protection, managed firewalls, and advanced Fortigate reporting, to WAN and LAN optimization; email content management, and mobile device management.
Solutions are packaged to harness the capabilities of best-of-breed technologies including Symantec Brightmail, Riverbed, Fortinet, logMojo, and XenMobile. Solutions are hosted upstream at Securicom’s highly-secure, local data centres.
Securicom has offices in Johannesburg, Cape Town and Namibia; and offers its services in 10 other African countries. For more information on Securicom, please visit www.securicom.co.za
- Covid-19 lockdown spurs massive spike in new business account registrations online | #eBizInisghts| Jonathon Smit of Payfast |Podcast - May 29, 2020
- Insights on Data: Podcast 4 Data Literacy and Skills | #eBizInsights| Jayson O’Reilly|Podcast - May 27, 2020
- We’re facing a new way of connecting with consumers| #eBizInsights | Victor Koaho - May 27, 2020
- Types of Covid-19 tests explained| #eBizInsights | Gerald Naidoo - May 27, 2020
- The Marketing Research Foundation updates the industry| #eBizWires - May 27, 2020
- How do we get through this trauma? |#Lifestyle |#Monique Strydom| Podcast - May 22, 2020
- How to handle the unexpected news of retrenchment |#Insight |#Devan Moonsammy - May 19, 2020
- THERE IS NO RISK IN BEING DIFFERENT WHEN NOTHING IS THE SAME| #eBizInsights | Ursula McDonald & Pippa Capstick | Podcast - May 18, 2020
- Insights on Data Podcast 3: Data Analysis | #eBizInsights |Quinton Senekal - May 18, 2020
- Remote working during Lockdown | #eBizTechnology | Arthur Goldstuck | Podcast - May 11, 2020