Fraudsters and hacktivists currently have the upper hand in the world of cyber crime, and organisations have been urged to strengthen their defences to protect their assets against this continuously evolving challenge.
That’s the recommendation of Adam Bangle, Vice President for Europe, the Middle East and Africa at RSA, The Security Division of EMC.
“Looking at the changing threat landscape and how individuals and governments need to respond to that, we are witnessing a substantial increase in the sophistication of attacks perpetrated by highly organised groups,” Bangle says.
“Some are of criminal intent, while others are hactivisits whose primary motivation is to be disruptive. We have not yet seen terrorist-orientated attacks but the threat remains. Companies need to be aware.”
The increasing sophistication and resourceful of these attacks enables criminals to mask their activities, with the result that it can take up to a year for attacks to be uncovered – by which time it is too late for damage to be prevented.
Bangle mentions a recent case in South Africa where data from customers’ bank cards was compromised by international criminal syndicates which infected electronic payment terminals in fast food outlets with a malicious software bug called Dexter.
“Although there have been similar attacks in the US and Europe, this particular bug was specifically compiled for South Africa,” he says. “Criminals look at South Africa as a potential market because it has similar banking systems to those used in the US and Europe, and the dominant business language is English, so it’s relatively easy to launch similar attacks.”
These factors also lead to a high incidence of phishing in South Africa. “As North American companies strengthen their defences, attackers will move to softer targets, and South African organisations need to be alert to that. South African banks have first-world systems, but they can’t afford to be complacent. As volumes increase in e-commerce transactions, retailers will have to fortify their defences,” Bangle says.
Commenting on the level of awareness in the country, Bangle says people are alert to the security challenges they face on an organisational level.
“People want to understand more – the options available, as well as the technology and skills needed to increase their defences,” he says. “It’s incredibly encouraging to see that the South African marketplace is sophisticated, alert, proactive and taking appropriate countermeasures. However, enterprises need to move with speed, as right now the hackers and fraudsters definitely have the upper hand.”
RSA assists organisations in leveraging Big Data and deploying their data in a security context to create intelligent, driven security systems which are agile by nature. In addition, the company recognises the need for new security skills to optimise the potential of the increasingly sophisticated security systems which enterprises are compelled to deploy.
“We work with individuals to train and retrain in the new systems of security analytics,” Bangle says. “In 2014, I believe organisations will have to reassess how they spend their budget. It is likely that we will see a shift as companies spend less on prevention and more on detection as well as on the expertise and skills of people operating their security systems.”