5 May 2022

What can the government do to limit cyber threats?

In 2021, South Africa had the third-highest number of cybercrime victims worldwide, and cybercrime cost the economy R2.2-billion a year.

A slew of high-profile attacks on core public sector systems have made the headlines and undermined the ability of the state to deliver vital services to citizens.

If we don’t quickly take bold action to address cybercrime, any present efforts to build a strong and resilient public sector could quickly and devastatingly come to nought.

Governments, organisations besieged by cyberattacks

The Covid-19 pandemic may be widely hailed as the greatest accelerator of digital transformation, but it has also acted as rocket fuel for the global cybercrime industry, propelling it to unprecedented levels of activity.

As organisations and governments digitise core processes and introduce new digital channels for remote work, distance learning, e-commerce, customer service and more, threat actors have found a goldmine of opportunity to launch crippling attacks.

Mimecast research has laid bare the extent to which organisations and governments around the world are besieged by cyberattacks.

Internationally, 80% of organisations in the State of Ransomware Readiness report said they had been attacked by ransomware in the past two years. Larger enterprises — those with more than 5 000 employees — were the target of nearly 10 000 such attacks on average.

In its latest State of Email Security report, Mimecast found that 94% of South African companies have been targeted by an email-related phishing attack in the past year, with about two-thirds citing an increase in such attacks. The costs of ransomware attacks are also piling up, with three in five organisations (60%) citing damage from a ransomware attack — up from less than half (47%) in 2020. In addition, nearly half (49%) of organisations experienced business disruption because they were unprepared, 48% experienced data loss and 42% saw a negative effect on employee productivity.

At the end of 2021, Mimecast’s threat hunting team uncovered a scam involving postal services in at least 26 countries, including South Africa. A group of threat actors used trusted postal services brands to trick consumers into sharing private and financial information, employing phishing emails and spoofed web pages.

What can governments do?

The World Economic Forum (WEF) points to three key ways that governments can protect against cyberattacks: by adjusting national cybersecurity policy frameworks, improving international cooperation and conducting ongoing education initiatives to increase cybersecurity awareness.

Governments are taking steps to combat the risks posed by the global cybercrime industry.

The US Department of Justice has elevated the investigation of ransomware attacks to a similar priority level as terrorism, after attackers successfully disrupted key national infrastructure, including Colonial Pipeline, an attack that crippled the supply of fuel to the country’s East Coast.

Australia announced a national plan to combat ransomware attacks, including increased penalties for those found guilty of perpetrating such attacks, and greater power for policing agencies to investigate and prosecute ransomware criminals. There’s also mandatory reporting of ransomware for businesses with a turnover of more than $10-million a year.

Germany adopted its Cyber Security Strategy 2021, which sets out the country’s response to ransomware and other cyberattack types for the next five years.

In the United Arab Emirates, a National Cybersecurity Strategy was launched in 2019 with the aim of creating a safe and strong cyber infrastructure that keeps citizens and businesses safe. The establishment of a Cybersecurity Council, run by the head of UAE cybersecurity, aims to strengthen the country’s capacity and improve response times and coordination against potential attacks. It comes in the wake of a 250% increase in cybersecurity incidents in that country.

South Africa has responded with the Cybercrimes Act, which creates new offences related to cybercrime and hands the police service and National Prosecuting Authority additional powers to investigate ransomware attacks, cyber forgery, extortion and the unlawful interception of data.

The Act came into law on 1 December 2021 and the hope is that law enforcement and prosecutorial authorities now have much-needed support in the fight against cybercrime and can more effectively investigate and prosecute cybercriminals.

Cooperation and awareness vital in fight against cybercrime

The WEF advises that governments need to formalise cyber-related information sharing and cooperation to unify the response to cyberattacks. Governments will need to work through structures such as the African Union, European Parliament and other global bodies to ensure data and information about attacks and threat actors are shared.

Private companies, especially those operating in the cybersecurity industry, have a critical role to play too. Cybersecurity providers operating across multiple markets have highly valuable intel on attack types, new risks and threats, and threat actors that can inform government policies and responses.

In addition, a concerted national awareness campaign that informs citizens and small businesses of common and emerging cyber threats must be implemented with urgency. Such a campaign could follow the template of the government’s response to the Covid-19 pandemic by providing regular communication about cyber risks and steps citizens can take to protect themselves.

Another example of a successful awareness campaign was the one involving Cape Town’s water crisis in 2017-18, where citizens were urged to save water to avoid “day zero”. Citizens could similarly be warned about cyber threats and the effect they might have on them personally.

A consumer-friendly information campaign could also follow the example of the Zap-it-in-the-zibi-can “do not litter” campaigns of the 1980s. This turned a mundane activity — putting trash in the can — into something that is fun, memorable and relatable to a broad swathe of the population.

Whatever form this takes, it is vital that the government takes bold steps to protect critical infrastructure, businesses and citizens from ruthless cybercriminals. Not doing so could expose the country to immense risk and undo much of the good work being done to rebuild our economy.

Moss Gondwe is the public sector director at Mimecast.

The views expressed are those of the author and do not necessarily reflect the official policy or position of the Mail & Guardian.