By Mark Townsend, Chief Executive Officer, Liquid Intelligent Technologies Zambia
Over the years, the digital landscape in Zambia has evolved continuously. As corporations adapt to more innovative technologies and ways of working, the scope of challenges and issues related to Cyber Security also increases.
The latest digital developments, coupled with the side-effects of the global pandemic and increased regulatory and legislative requirements, have pushed the need for Cyber Security to be prioritised not just by big corporations but also by small/micro businesses and individuals alike. In Zambia, the recent enactment of the Cyber Security and Cyber Crimes Act of 2021 is an advancement in the Cyber Security ecosystem of the country.
Cyber Security protects the confidentiality, integrity, and availability of information that can be critical to the survival of any business or even personal finances and welfare.
Cyber threats, vulnerabilities, and risks
Businesses must clearly understand the threats, vulnerabilities, and information security risks to better protect their data and choose Cyber Security safeguards and measures according to their landscape and needs. Understanding the landscape and conditions will allow an organisation to anticipate attacks to a certain extent and deploy solutions and services to protect against these perils. These could range from compromise of critical organizational infrastructure and data breaches to phishing attacks on individuals.
Some of the most common types of cyber threats are Malware, Phishing, Website Defacing, Man in the Middle (MiTM) attacks, and Denial of Service attacks, to name a few. Cyber attackers can misuse an individual’s credentials or exploit vulnerabilities within a company’s IT environment to steal information or gain access to personal financial accounts, among other potentially damaging actions, which is why Cyber Security professionals are vital for keeping private data protected. We have seen an increase in Cyber Attacks related to phishing in Zambia, particularly in the mobile money markets where clients have lost millions of kwacha.
It is estimated that about 94% of malware is delivered via email, that phishing attacks account for more than 80% of reported security incidents, and that a total of US $17,700 is lost every minute due to phishing attacks *.
A vulnerability could mean a particular disadvantage, such as a lack of adequate safeguards, or a weakness the organization has. Examples of this include unpatched software, which a hacker can potentially exploit. A house without any security devices such as cameras, alarms, or even security guards is at a higher risk of being broken into than one with even one of those physical security measures in place. Throw in a broken door or a window to the already vulnerable house, and the chances of an attack increase manifold. Comparably, compromised or outdated Cyber Security software or weak passwords make organizations more vulnerable to hackers, thereby increasing the chances of getting hacked. The Common Vulnerabilities and Exploits (CVE) database lists more than 11,000 exploitable vulnerabilities in commonly used systems and software.
An information security risk is calculated by considering the relevant threats to an organisation and how vulnerable the organisation is given the current safeguards that mitigate these threats; together these give a likelihood rating that the threat may materialize.
This likelihood rating must then be considered along with the relevant confidentiality, integrity, and availability impact ratings of the information assets that may be affected should the threat occur. These ratings combined (added or multiplied depending on the methodology used) give an information security rating.
The highest-rated information security risks need to be managed by one of the following methods: mitigate (reduce) the risk; transfer it, say, by way of taking out insurance; avoid it by doing away with the system/service that is the risk; or, lastly, accept the risk because it falls within the organisation’s risk appetite. It is not as straightforward as it sounds, purely because multiple layers of complexity are associated with threats, vulnerabilities, and information security risks. For instance, a multi-layered approach is required to defend against malware attacks, with safeguards needed for email, Web, endpoints, servers, Groupware, removable media, etc. Different types of attacks must be covered, e.g., known malware can be addressed by essential malware signature protection, but variants thereof require behaviour-based protection.
In contrast, unknown or 0-day attacks require sandboxing or similar. In some cases, organisations don’t realize that their defences are compromised. In layman’s terms, this is like a thief lying in wait for the perfect moment to strike to ensure maximum damage to the homeowner.
Signs, symptoms, and solutions for cyber-attacks
The most obvious way to detect whether a software/phone/laptop/device is infected is to look for any discrepancies or odd/unusual behaviour displayed by the device’s software. If a device is compromised by ransomware, it is often easy to detect, as the hackers usually make their presence known to initiate negotiations.
Phishing emails, which look harmless on the surface, usually cost a hefty penalty when not addressed promptly. Some other examples of a system under attack are frequent crashes or pop-up windows. Unusually slow computers or frequent requests for password changes should be treated with caution since they could indicate malicious activities in the background.
Depending on the sophistication of the attacks, there is a possibility of employees never knowing that their devices were used to infiltrate their employer’s network. Hence, it is vital to ensure that businesses rely on Cyber Security professionals who are appropriately trained and have the right tools to detect any malicious activities on devices, networks, or the Cloud.
Prevention is better than cure
Due to cyber-attacks’ multi-faceted and complex nature, organizations should avoid approaching Cyber Security with broad-brush stroke solutions. Always take care of the basics and ensure that you have a defence-in-depth strategy with multiple layers of protection.
The elements included in the article are not new. However, with an increasing number of businesses adopting the hybrid work culture, the playground for cybercriminals just broadened overnight.
It is time to pay attention to the threats, vulnerabilities, and information security risks relevant to your organizational landscape. The reputation of businesses is at stake, and losing trust will always negatively impact the growth cycle of any organization.
* Verizon Data Breach Investigations Report (DBIR) – 2019 (https://www.phishingbox.com/news/phishing-news/verizon-data-breach-investigations-report-dbir-2019)