When hackers smell blood- watch out!

If you are an entrepreneur in South Africa, on your computer, you should be afraid – very afraid.  For South Africa is ranked third in the world for its vulnerability to cyber-crime. When the hackers smell blood – watch out! 

Don’t South African entrepreneurs have enough problems ? Power cuts, price increases, crumbling infrastructure, scarce skills ?

Yet, the  biggest headache of all is how do you save your business from hackers when they sniff blood?

According to an Accenture report South Africa is ranked the third in the world when it comes to cyber-attacks. This threat became real in July-August 2021 hackers tore intothe computers of the  country’s transport umbrella Transnet. It was bad enough to close down ports for three weeks.

This showed cyber security is no longer someone else’s problem; it is a growing crisis.

But South Africans are resilient and are coming up with solutions. One of them is Professor Basie von Solms, Director at the Centre for Cyber Security at the University of Johannesburg.

“I think cyber counterintelligence is very important for South Africa. Public-private partnership is key to cyber security. The skills are in the private sector, but government needs those skills.”

Von Solms shared his concerns at the recent  Cyber Intelligence Africa conference in South Africa: “Most organizations are at risk, hospitals, pharmacies, banks, national agencies and large companies.”

There is a perception only national agencies should be concerned with cyber security, von Solms dismisses this idea.

“Cyber counterintelligence is not only for national agencies and companies but is required for every small business.”.

With weak cyber counterintelligence, South Africa is vulnerable to cyber-attacks resulting in profit destruction, reduced efficiency right up to a serious national security threat.

“In South Africa cyber security is still very reactive (like the use of  antivirus software), we need to start looking at new methods, become more proactive.”

As the old saying goes, the best defense is good offence; von Solms is encouraging an offensive strategy.

Many businesses may rely on government for these strategies, but the reality is the government does not have the money.

“We are not in a first world country, we don’t have the capacity, expertise and money to do what first world countries do.”

“But we also cannot say because we are not a first world country, we throw in the towel.”

South Africa can protect businesses with out of the box thinking and a change in mindset.

The process begins with changing the view that cyber security is not important.

“Most businesses do not take the cyber threat seriously!”

The financial loss due to cybercrime can be heavy, hence the motivation for business leaders to change their mindset is the threat of going into the red.

A proactive stance allows an organization to be one step ahead of cyber criminals by identifying internal weaknesses and shutting them down.

“Let us not just wait for the act to happen and them to come to us. Plan for risks that haven’t been identified that may happen.”

Von Solms compares cyber counterintelligence to a spy film where Mr Bond must foil the evil Dr No’s plan. If Bond is to wait for the attack thousands would die; similarly, if business and government waits thousands of Rands could be wasted.

The financial cost of planning ahead may be great, but it outweighs the potential losses of a fierce cyber-attack.

Unlike Bond, in the real-world criminals often find weaknesses unimaginable to ordinary tax paying civilians.

“There are some attacks that cannot be prepared for, we have no idea of what it is or where it will come from.”

Cyber criminals do not evaluate the business, they use bots to search for weaknesses in websites and attack once a weakness is found.

There are no names or faces, simply dollar signs, remember hackers are running a business with the goal of extreme profitability.

If a business does not stay one step ahead to protect its profitability, they may prepare for a blood on the income statement and very little else.