Humans the weakest link as cyber warfare intensifies

Source: Vsoftsystems, 18/11/2018

Cape Town - Staff opening suspicious emails represent one of the
weakest links amid a rise in global malware attacks, according to a
software security expert.
Speaking exclusively to Fin24 at the Gartner Symposium in Cape Town
this week, Michael White, product manager at information technology
company Veeam, said educating staff would help curb the spread of
malware.
“Very small companies that simply cannot afford security can rely on
educating their staff not to open suspicious emails that could contain
malware,” said White.
`The real way to avoid malware is educating your users. The idea is to
make them understand that banks and credit unions, or the police
department - (none of these) is ever going to send them an email with
a link in it that is connected in any way to money, or credit or their
financial history,` he said.
South African banks warn users to be suspicious if the process to
conduct a transaction differs from the norm.
Absa, for example states: `We will never ask you to enter your entire
password on our secure website; you will be asked to enter 3 random
characters of your password,` while FNB states: `FNB will never send
you an email with a link to verify any banking transaction or details.`
He added that by patching software with updates to fix or improve
security, and keeping antivirus programs up to date, computers would
be better protected.
Small companies should also plan for the worst, said White.
“Companies and individuals should plan on everything going wrong by
thinking about what plans to put in place, even if it means backing up
data on external hard drives,” White told Fin24.
Due to its magnitude, severity and complexity, the WannaCry malware
virus which hit between 400 000 and 1 million devices globally was the
biggest of 2017, according to cybersecurity company Kaspersky Lab.
In June, Fin24 reported that hackers made less than R26 000 off the
massive Petya malware attack which also affected computers globally -
including thousands in South Africa.

Carey van Vlaanderen, CEO of ESET Southern Africa, told Fin24 that the
financial gain was significantly lower during the Petya Attack,
compared to the recent WannaCry virus. However, the virus did
substantial damage to numerous machines.