Posted on March 30, 2020 at 3:42 PM
More than 300,000 Devices Compromised in South Africa
As more people continue working from home, hackers are taking advantage of the situation to infiltrate devices. Reports revealed that within 1 week, hackers have hit more than 300,000 devices in South Africa.
Security firm, Kaspersky, discovered that between the 15th and 21ist of March, there were major spikes in networks in South Africa.
From the firm’s statistics, during that period, hackers infiltrated about 310,000 devices, which far surpassed the average weekly attack of 30,000.
Increased attacks as more people work from home
As many people are seriously working from home in the wake of the COVID-19 outbreak, the hackers have intensified their efforts to attack connected devices at home. The hackers believe they have the best chance to hit devices as millions of people connect to networks remotely, while others connect via insecure channels.
The attack is not limited to a particular region as Europe, Asia, and America have witnessed such attacks. Recently, there was a similar attack on devices in the US, as the United States Health and Human Services Department has reported. In this cyberattack, the attackers have targeted hundreds of thousands of connected devices.
How the attackers operate
The attackers usually try to break into the systems and compromise sensitive data and take full control of the affected devices. Kaspersky reported that one-third of the cyber attacks in South Africa involves the hacking of passwords and taking full control of the affected device.
A senior security researcher at Kaspersky, Maher Yamout, reported that there is an increased case of cyber attacks in South Africa, with the majority of the attacks targeting devices used by those working from home. Through that medium, the attackers hope to slowly gain control of the network and compromise data sent over the network.
According to Yamout, “The region is seeing an increase in attempts to break into the organizations’ systems to establish control over them, sabotage their work, or access sensitive information.”
He further revealed that the attacks on connected devices in South Africa coincided with this period when workers are asked to work from home.
He said remote work offers the hackers the opportunity to carry out their attack, especially on those who do not have adequate security measures. Workers are more vulnerable when they operate from their homes, rather than when they operate from their company’s network. Many of the workers do not have strong security measures to counter or prevent cyber-attacks. As a result, their systems are vulnerable and an easier target for hackers.
South Africa getting more attractive to cybercriminals
In recent times, cyber attackers have increased their attacking activities in South Africa as they see the region as a favorite hunting ground.
In October last year, there was a ransomware attack on Johannesburg’s official state portal. This was the second attack on the site within a space of 4 months. Both the first and second attacks were perpetrated by one hacker group, who demanded a ransom payment of 4 BTC, valued at $30,000 at the time. The hackers threatened that they would reveal sensitive data in the website if the demands are not met.
Within the same month, there was another attack, but this time the attackers focused on Webhosting companies by suffocating their networks with DDoS attacks. And recently, there was another set of DDoS attacks that affected several South African banks.
The attackers continued their attacking spree this year. Earlier last month, Eskom, a government-owned power company, said its system was infected will malware.
On a similar note, the attackers were at work again as one of South Africa’s largest banks, Nedbank, was infected with malware and some of its data got exposed.
Most of these attacks were infected on corporate networks. However, it seems the attackers have now shifted focus to individual networks since many workers are now working from home.