Cyber Attacks: Are You Ready?

Published on 25th February 2014

Juliette Doyle (left) with Bethwel Opil (right) during a media briefing in Kenya.
Cybercrime is one of the fastest growing areas of crime. Criminals are increasingly exploiting the speed, convenience and anonymity that modern technologies offer in order to commit a diverse range of criminal activities. These include attacks against computer data and systems, identity theft, the distribution of child sexual abuse images, internet auction fraud, the penetration of online financial services, as well as the deployment of viruses, Botnets, and various email scams such as phishing. Bethwel Opil, Channel Sales Manager for East Africa, Kaspersky Lab discusses this subject with Josephat Juma of The African Executive.

Q: What is cybercrime?

A: One of the most appropriate definitions for cybercrime is the one I found on Tech Terms, that defines Cybercrime as; ‘A criminal activity done using computers and the Internet. This includes anything from downloading illegal music files to stealing millions of dollars from online bank accounts. Cybercrime also includes non-monetary offenses, such as creating and distributing viruses on other computers or posting confidential business information on the Internet.’

Q: Most people associate cybercrime with activities done within a cybercafé. Do similar activities done on say, smartphones, also fall in this category?

A: Most certainly yes. Broadband has grown at an alarming rate over the last few years, especially in Kenya, and mobile devices such as the smartphone are fast being targeted by cybercriminals, to steal sensitive data. In line with this, the reality that not only are more consumers accessing the Internet via their smartphones, but organisations in Africa are implementing Bring Your Own Device (BYOD) polices into their business frameworks too, which, if not managed correctly, can pose a serious risk. Gone are the days when cybercrime only impacted a computer. If something can access the Internet then it can become a target for cybercriminal activity.

Q: Cybercrime is growing at a faster rate in Africa than in other continents. What explains this trend?

A: As Internet usage in a country increases, so do Internet security breaches increase. As more broadband is made available to the market, more consumers and businesses are embracing the digital world - often making them an ideal target for cybercriminals.

Our experience reveals that growing economies are often tracked by cybercriminals for potential targeting as a result of these countries being ‘new’ on the Internet scene. The criminals hope that consumers do not understand the realities of Internet security. Compared to first world countries, Africa is not on par with online security; and, this certainly needs to change. This is why Kaspersky Lab is so passionate about educating the African market about cyber security, to ensure that such activity can be reduced and that consumers and businesses are equipped with the right tools to protect themselves from falling victims to cybercriminals.

Q: What types of cybercrimes exist in Africa?

A: There are a number of cybercrimes that are present in Africa at the moment. The following types that exist are:
• Spam
• Viruses, spyware and other malicious programmes
• Phishing
• Hacking
• Denial of service attack
• Credit Card Fraud
• Software Piracy
• IRC crime (internet relay chat)
• Spoofing (getting one computer on a network to pretend to have the identity of another computer, usually one with special access privileges,  as to obtain access to the other computers on the network)
• Cyber Stalking
• Cyber Defamation
• Net eEtortion

Q: How does one measure cybercrime?

A: Cybercrime is measured by how aggressive it is in a particular country. For instance, according to a cybercrime statistics report released earlier this year, Kenya could have potentially lost up to $23 million in 2013 through cybercrime alone. Based on this figure, it is evident that cybercrime activity is high in this region.

Additionally, we use our Kaspersky Security Network for detecting and also for measuring cybercrime. It integrates cloud-based technologies into personal and corporate products and is one of Kaspersky Lab’s most important technologies. With its help we can say, for example, how many and what threats were identified on computers of users of our products and place a country in a list of cybercrime activity by different parameters such as cybercrime activity, the number of threats experienced, etc.

In Europe and America, which have had access to broadband for longer than Africa, these continents are more equipped to deal with cybercriminals than Africa is and as such, cybercrime gets measured more highly in Africa than on any other continent.

Q: Only five out of the 57 countries that make up Africa have cybercrime laws in place. How would you rate the efficiency of these laws?

A: On a scale of 1 to 10, in my opinion I would give it 4 because these countries lack technical capacity and political ‘good will’ to implement them in this regard.

Q: What explains why only few countries in Africa have these laws?

A: The following could potentially form some of the reasons for this:
• Cybercrime in Africa is not well-documented, however one example is of an Algerian hacking attack that defaced several Romanian websites, of which some were very well known.
• Governments in Africa are yet to widely consult with various security stakeholders to determine the impact of cyber crime in their countries.
• Most countries still have a feeling that cybercrime is for the ’developed world’ and that is not a priority at the moment.
• Most African countries still lack the broadband and Internet capacity to warrant major cyber attacks.

Q: Cyber criminals are currently using more sophisticated attacks, such as ransomware and spear-phishing. How can countries respond to these changing trends in terms of legislation?

A:  I would suggest the following:
• Increase their maximum terms of imprisonment for cybercrimes.
• Review legislation periodically to match the ever changing cybercrime techniques.
• Train and educate the law enforcers on sophisticated attacks.
• There is a need for the sharing of information on cybercrime between different countries through Interpol.

Q: More than two-thirds of countries in Europe report sufficient legislation on cybercrime. Which countries, in your view, serve as good examples in curbing cyber-crimes?

A: While I was undertaking some research for this question, I came across a report entitled ‘National legislation implementing the Convention on Cybercrime.’ The report states that France, Germany and Romania are the most equipped countries in Europe who are able to combat cybercrime. This is mainly due to the fact that these countries have the resources in place to protect themselves from cybercrime.  

Q: Cybercrime in 2013 was reportedly dominated by a core of around 50 active groups, including Russian and Chinese ‘threat actors.’ Is it possible for a country or institution to develop a cyber-attack shield—to ward-off external cyber-attacks?

A: As cybercriminlas get smarter with hacking into organisations and developing tools and tactics for stealing information that the average person would deem impossible to do, a more proactive approach to IT security is needed and should be considered a must. This is how countries and institutions will protect themselves – by ensuring they have the right security measures in place. However, further to this, IT security now also goes beyond basic anti-virus protection. Cybercriminals may be getting smarter, but so too are effective security solutions, where there are numerous products available on the market today for both end users and corporates to make use of - solutions that offer an all-encompassing platform of solid protection.

Q: How should a country/institution go about doing this?

A: Firstly, businesses and consumers need to educate themselves on the importance and seriousness of cybercrime. In fact, this is exactly why Kaspersky Lab has established presence in Kenya – to ensure we remain vigilant in educating all users as to the tools and solutions available both for PCs, mobile and corporate networks to safeguard their data. Additionally, Kaspersky Lab has released a number of products that can help business and consumers to combat cybercrime and to make sure that they do not fall victim to cybercrime in 2014.  So businesses need to work with a security partner, they trust, to get the right advice and the right products to protect all their data, as well as to introduce efficient security policies for their employees.

Q: With the mutating nature of cybercrime, how can a country catch up with security measures?

A: A country can catch up to security measures by educating themselves, staying on top of key IT security trends and then of course making sure that the right security is implemented and effective legislation is in place and is enforced. In fact, Kaspersky Lab introduced Endpoint Security for Business, the company’s flagship corporate security platform for businesses, which has been built to provide the industry’s best protection from advanced malware and cybercrime, and also to combat another common enemy of IT security – complexity.  To simplify and secure organisations of all sizes, Kaspersky Endpoint Security for Business comes with a number of new and improved technologies that allow IT Administrators to see, control and protect their network: protect all systems and endpoints in the network, whether it’s a PC down the hall, a virtual machine in another office, or a missing smartphone across the country.

Q: The cost of cybercrime and cyber espionage to the global economy is probably measured in the hundreds of billions of dollars. Kenya could have potentially lost up to US$23 million in 2013 through cybercrime. Can this be broken down for an average citizen to understand?

A: No particular breakdown was reported when the cybercrime statistics were released by Fred Matiangi, the Kenyan cabinet secretary for information and communication technology (ICT); however the banking industry is the most affected by cybercrime. It has been reported that on a daily basis, close to 1,000 Kenyans fall victim to Internet fraud.

According to the Global Corporate IT Security Risks 2013 survey,⁵ conducted by B2B International in collaboration with Kaspersky Lab, an estimated financial impact of a security breach in a large company can be up to $649,000, of which $566,000 are losses caused by the incident itself — lost opportunities and profits, as well as payments to third-party remediation specialists, while the rest is spent on prevention of further attacks. The costs of a cyber-attack against small and mid-sized enterprises are lower than for large corporations. Nonetheless, considering the smaller size of these companies, the amounts still deal a significant blow. The average loss resulting from IT security incidents for mid-sized companies came in at roughly $50,000, of which approximately $36,000 is accounted for by the incident itself, while the remaining $14,000 comes from other associated expenditures.

Q: With Kenya going digital and about to dish Internet-connected laptops to school pupils countrywide, is the country staring at widespread cybercrime? Which measures should schools put in place?

A: I think it’s great for more schools in Kenya to have access to the Internet and educate their pupils on how to use computers. However, this can also be detrimental to the school if not monitored/protected in the right way. As such, Kaspersky Lab would firstly suggest that before pupils are allowed to use the computers, the school must ensure that the right anti-virus systems are put in place and installed on these computers. Secondly, the school must make sure that the pupils realise that the computers are a privilege and therefore security and safe keeping of these devices should be taken seriously. The pupils should also be taught about the realities of cybercrime, so that they are aware of the dangers in this regard. Lastly, some tips from us would ensure that the pupil’s passwords are changed at least once a month and teachers are to ensure that the pupils are not abusing this privilege and not using the Internet to access social media, which can open the gate to number of cyber activity.

Q: Over 60 per cent of all Internet users are in developing countries, with 45 per cent of all Internet users below the age of 25 years. That means more youths are involved in cybercrimes. What could be the motivation behind this age-group doing this?

A: I think as broadband and the Internet has begun to make a real impact in Africa, the youth today are more technologically advanced than the older generation. The younger generation understand the new trends that have emerged over the years and as such know that countries, like Kenya are vulnerable and ‘new’ to the Internet scene and therefore are easier to attack. However, cybercriminal activity is not only determined or shaped by age – many groups of different races, ages and backgrounds have been known to be involved in this space.

Q: By the year 2020, the number of networked devices will outnumber people by six to one. How should we brace for this?

A: Firstly, and Kaspersky Lab cannot stress this enough, both consumers and organsiations must educate themselves on the seriousness of cybercrime and how detrimental it can for the organisation and consumer, if not taken seriously. Additionally, companies should challenge themselves to be more proactive and implement the right security, now, and not wait for cybercriminals to attack them, but rather take a proactive approach. A lot of CEO’s and CFO’s take the ‘that would never happen to my company’, approach which is not the right attitude to have. Companies must take cybercrime seriously and start implementing the necessary now, before they face a specific threat.

Q: What are Kaspersky’s security predictions for 2014?

A: The main predictions that Kaspersky Lab see’s for 2014 are the following:

• Mobility and Bring Your Own Device (BYOD) made a huge appearance in Kenya in 2013 and the trend in cybercrime seems to be swinging towards using mobile phones to access sensitive data. Kaspersky Lab believes that cybercriminals will spread malware on Android-based phones to hack into consumer and businesses bank accounts to potentially have access to their most personal details.

• As Bitcoins made a big appearance at the end of 2013, it may well be a cause for concern for the year ahead. As this is something that is relatively new for consumers, they may not be aware of the damage it can cause if their Bitcoins are not properly protected.

• Lastly, companies should be more aware of ‘Cloud’, as cybercriminals focus towards cloud storage providers and software developers. As the cloud continues to grow and increase in popularity across Africa on the business front, hackers will look to target cloud organisations in an attempt to once again gain access to critical information.

Q: What key indicators does the company consider when coming up with these predictions?

A: Kaspersky Lab considers the Historical data on level of preparedness of the country on cybercrime; the Internet usage and data bandwidth growth a country has; Growing trends in reported malware on different OS and adoption of those OS in the country; and the growth and popularity of new technologies, For instance: Cloud Computing, Bitcoins and BYOD. Most companies and consumers do not have the right knowledge of how to protect these new technologies and therefore fall victim to cybercrime. 

Q: Why should consumers and businesses take a keen interest on cybercrime reports?

A: It is essential that both consumers and businesses take cybercrime reports seriously.  Certainly, research companies are not undertaking this research to ‘scare’ people into not buying an Android phone or for companies to not implement BYOD into their organisation, rather, these reports are done to make companies aware of cybercrime, as well as educate them on the seriousness of cybercrime, to allow them to take action. The minute that both companies and consumers ignore the warning signs, the bigger the potential dilemma could be if attacked.  If the right security is not implemented, not only will cybercriminals have access to a consumer’s social media platform, but also to an organisations most sensitive data.

Q: What does the company offer to ward off these threats?

A: Mobility will still be a huge cause for concern in 2014, as a result Kaspersky Lab offers products, which helps companies protect and manage their corporate and employees’ tablets and smartphones used in corporate network, called: Kaspersky Security for Mobile.

This product contains Mobile Device Management and adds other unique features that help to seamlessly integrate mobile devices into the whole corporate security framework. The ability to manage devices from a centralised point, protect sensitive business data and support the most popular smartphones and tablets running iOS, Android, Windows Phone, Blackberry, Symbian makes Kaspersky Security for Mobile one of the leading solutions on the market.

Conversely, for consumers, we have unveiled Kaspersky Mobile Security, which provides world-class protection whenever mobile phones are used to bank, shop, check out the web or just chat with friends. This product also protects users if their phone gets stolen or lost and helps protect their data, even if the SIM card has been replaced.

Additionally, as more SME’s are making a mark in the Kenyan market, Kaspersky Lab has released a product called Kaspersky Small Office Security, which delivers business-grade protection technologies that are designed to be simple to install, configure and run. The solution protects a SME’s Windows-based PCs & file servers and Android smartphones and tablets.

Q: Please explain what Bring Your Own Device (BYOD) is and how the trend could affect companies in Africa in 2014?

A: BYOD stands for ‘Bring Your Own Device’ and refers to the process of employee’s using their own personal devices to get access to their work emails from wherever they are in the world.

For example; an employee at a specific company will use their own device to access company information and emails, which has said to improve productivity in the long-term, as employees can work faster. However, companies should not forget that the rapid development of mobile devices and operating systems has also attracted the attention of cybercriminals, who are using the concept of BYOD to their benefit. For example, if an employee’s personal device is lost or stolen, the problem which comes in is that this entire device may contain sensitive business data (from emails or documents saved on the device), that can then be available to whoever has the device.

Over the last few years, companies are seeing BYOD as more of a risk. In fact,  according to research done by B2B International in collaboration with Kaspersky Lab, the percentage of companies planning to restrict the use of personal devices for work purposes is on the rise: the number of respondents reporting plans to impose restrictions was up globally from 19% in 2012 to 25% in 2013.

If BYOD is implemented into a business’s strategy, it should be a consideration of the  CEO and CFO to ensure BYOD policies are invested in or that the right security is implemented on their employee’s phones, to ensure that their company data is kept private and safe from cybercriminals.

This article has been read 11,948 times