Picture: 123RF/PWSTUDIO
Picture: 123RF/PWSTUDIO

It was midday on a Saturday when an employee at one of SA’s oldest e-commerce sites opened an e-mail, clicked a link and followed the "continue" prompt.

An hour later, systems were slow and every single file on the server of Joburg-based business Autostyle Motorsport had an mp3 extension. Inside each folder there was a text document with a ransomware demand for 1.5 bitcoin (about R7,000 at the time).

In the first 24 hours, Autostyle staff tried everything they could to deal with the hack, which paralysed their systems. Its digital strategist, Naeem Mayet, hired freelance tech experts and learnt about encryption, cryptocurrencies and ransomware before realising there was no easy way to unlock the files.

"We decided to pay the R7,000 instead of redoing an entire stock take for that busy Saturday, which was also cheaper than a consultant cost of R15,000-R20,000.

"There was always the concern that if we paid, nothing would happen, but fortunately, the second we made payment — it was all automated — we downloaded the decryption and within 15 minutes everything was back to normal," says Mayet.

Autostyle has since moved to a cloud point of sale system so that it won’t have to rely on a local server, which Mayet says makes security easier to manage.

This classic ransomware attack is not isolated. SA has the third-highest number of cybercrime victims worldwide, which results in an annual loss of R2.2bn, according to the SA Banking Risk Information Centre (Sabric).

Kaspersky Africa MD Riaan Badenhorst says no country is immune. "Cybercriminals target countries they perceive to be less prepared for attacks or that hold an attitude of ‘it won’t happen to me/us because my/our data holds no value’."

All and any data holds value and needs to be protected, adds Badenhorst. "Cybercriminals enjoy going after ‘easy targets’ and unfortunately those who don’t pay attention to the need for effective protection become easy targets as they are ill-prepared and don’t take IT security protection seriously."

Small businesses aren’t the only targets. And hacks are more common than people realise. City Power and the SA Civil Aviation Authority were hacked in July and the City of Joburg fell victim in October. The widespread WannaCry ransomware attack in 2017 hit several SA companies, including Telkom.

Most others have not disclosed that they were hacked.

Researchers say four major cyberattack campaigns were detected in SA between July and September this year. And a number of financial services companies fell victim.

The cost of an attack goes well beyond the actual ransom, which many organisations refuse to pay. It includes system downtime, equipment and network costs, and lost opportunities and sales.

Attacks intensify at the end of the year. Sabric says that as the festive season approaches, people tend to relax and become more socially active. Criminals exploit this by stealing personal or confidential information to defraud people.

How can you stay safe? Sabric warns consumers not to trust websites they don’t know, or fall for unrealistically good offers. Never send credit card details over e-mail or confirm banking and personal details via a link sent to an e-mail address, it adds.

Sabric recommends that consumers sign up for 3D Secure to secure their card details, change passwords regularly, ensure they have a robust firewall and install antivirus software.

Meanwhile, Kaspersky warns against trusting open Wi-Fi networks that don’t require a password as cybercriminals often create these networks to collect personal data. It recommends the use of a VPN to protect personal data as it encrypts information going through a network.

Kaspersky says the abuse of personal information to create "deep fakes" is a security threat that will become a greater problem in 2020. Deep fakes refer to an existing image or video of a person which is replaced by someone else’s likeness using artificial neural networks.

"People and organisations should be more wary of and pay attention to deep fakes. With advances in artificial intelligence, we predict it will [be possible to] create very convincing deep fakes," says Badenhorst.

"Better awareness, education as well as new technology to help users detect deep fakes will become a focus to support in protecting against this growing cybercriminal tactic," he adds.

While most smartphone users are shifting towards biometric security — such as fingerprint or facial recognition readers — on personal devices, Kaspersky recommends using it as a secondary protection method to complement other measures such as a PIN or password. "The reality is that once biometric data is compromised, there is no going back," says Badenhorst.

In a digitally driven world, consumers have to be alert to cybercrime risks. It’s the price we pay for the life that we have created, where digital convenience has triumphed.