Since the dawn of the internet, cyber security has been a major concern for both web users and the organizations charged with tackling the exploits of black-hat hackers and cyber criminals.
Security software has become increasingly sophisticated over time, with the introduction of two-factor authentication, data classification, facial recognition, fingerprint validation and so on.
Unfortunately, advances in hacker tech and the anonymity the so-called dark web affords them has meant cybersecurity firms and government departments are constantly playing a game of cat and mouse with web criminals.
Indeed, the frequency of data breaches making headline news across the globe shows no sign of abating. This is an ongoing battle between data owners and those who wish to steal it for their own purposes.
Whether it be in the form of DDoS operations, keylogging, botnets, viruses (malware, trojans, worms etc.), clickjacking, or bait and switch techniques, there are more ways than ever for those who wish to do harm to enact their wishes.
Liberty Life Breach
The largest of these came in 2017, where it is now believed that 60.3 million unique records were leaked into the public domain.
With the population of South Africa thought to be 55 million, many of these records could also include deceased citizens, which Australian cyber security expert Troy Hunt says would make that data ripe for identity theft and forgery.
And, of course, no one in SA will quickly forget the Liberty Life data breach earlier this year that exposed millions of pension and personal financial details.
The company was quick to send out a text to its customers saying they had, “been subjected to unauthorised access to its IT infrastructure, by an external party”, but that in itself was an admission and at a cost to the company’s reputation.
In the immediate aftermath, 4.7% was wiped off Liberty’s share price — representing an R 1.68bn loss on their R 34bn market value.
Worryingly, recent IBM report states SA companies lost an average of R 28.6 million per cyber attack in 2016, R 32 million last year, rising to R 36.5 million in 2018.
Those figures are not yearly sums, they are per attack. Technology with malicious intent and the threat they present to companies’ bottom lines and reputations is becoming increasingly difficult to control and contain in-house.
Facebook itself was hit with a R 9,600,000 fine for its role in the Cambridge Analytica data leak.
It comes as no surprise, then, that South Africa’s Defense and Military Veterans Minister, Nosiviwe Mapisa-Nqakula called for a budget increase in order to develop a strong and capable cybersecurity defense system.
If South Africa’s defense ministry is calling for robust security measures to shore up the country’s data infrastructure, any company or organization serious about protecting their own and their customers’ data would do well to follow suit within the current cybersecurity climate.