Ransomware attacks in South Africa have doubled



Executive Editor
JOHANNESBURG, (CAJ News) – GOVERNMENT departments, organisations and individuals must reprioritise cyber security countermeasures amid the constant risk of attacks in South Africa.

Kaspersky research has established that from January to April this year, ransomware attacks in the country have doubled over the comparative period of 2021.

Ransomware has become the most significant cyber threat.

“If we have a look at the local market, the types of cyber attacks we are seeing impacting businesses, and across different industries, reinforces the need to be vigilant and educate employees on what constitutes cyber security best practice, especially as cyber criminals tactics and methods evolve,” said James Gumede, SADC Territory Account Manager at Kaspersky.

SADC is the 16-nation Southern African Development Community.

Gumede said the attack on Transnet last year showed that a successful ransomware breach could stop any business dead in its tracks, resulting in devastating financial and reputational repercussions.

“But just imagine what could happen if the likes of a hospital, or other critical infrastructure, should fall victim to a compromise,” he said.

“Not being able to access data and systems then becomes a matter of life and death,” the official added.

Another growing concern in the region is that of Advanced Persistent Threats (APTs) that can often stay undetected for months and even years.

These complex attacks typically focus on high value targets such as well-known companies and government departments.

Kaspersky research has found that governments, diplomatic entities and education institutions are increasingly being targeted by APT groups.

The most active threat actors in this regard are TransparentTribe.

“Such is the extent of this threat that South Africa has joined Nigeria and Egypt as the three most targeted countries on the continent,” Gumede said.

Another group active in South Africa is Lazarus, which focuses on stealing money and sensitive information possibly for national security purposes.

It has a long history of being behind some of the most devastating attacks in the world that includes the Bangladesh heist in 2016.

“Having such an influential threat actor active in the country is cause for major concern,” Gumede added.

– CAJ News




scroll to top