Cyber crooks turn to low-tech trickery

Johannesburg - Cybercriminals’ use of social engineering tactics to trick company employees into exposing key data has one local technology expert worried.

Amanda Mills, the group technology manager at GroupM South Africa, told delegates attending this week’s IDC CIO Summit in Johannesburg that social engineering attacks are a worrying phenomenon.

To illustrate this trend, Mills highlighted one example of a cybercriminal who learnt that a CEO had a passion for cancer research.

The cybercriminal pretended to be part of a cancer initiative and approached the CEO to ‘raise funds’ for it. To allow the CEO to find out more, the crook offered to email the executive a PDF document outlining details about the initiative. Instead, the CEO received an emailed document that had a shell trojan virus which gathered sensitive information about the company in question.

But Mills said the risk of social engineering can affect all employees: those who are too trusting and even those who think they are invisible to attacks.

"Even the most skeptical of employees can be vulnerable because the attacks are sophisticated enough they appear legitimate,” she told attendees during her talk on the subject.

"It's arguably the most insidious and dangerous method of malicious exploitation currently in the IT landscape and I will defend that to my dying day.

"So, attackers gain access to the network by exploiting the trusting nature of employees,” she added.

Mills added that, in most cases, the cyber crooks are going after the CEO of a company to steal sensitive data belonging to businesses.

Apart from social engineering, Mills listed other cyber threats that could hurt businesses such as users who click on dangerous links, malware, device theft, email spoofing and phishing attacks

"The face of threats is definitely changing. And when I say changing, I mean from the perspective of maybe 10 years ago, external penetration was a real threat,” she said.

"Confidential information leakage and sensitive information distortion and data loss and scenarios where data, your intellectual property, your businesses’ monetised commodity that's leaving the network: those are identified now as the greatest threats in terms of security.

"It's not, ironically, the North-South movement of data that is your problem. It's the East-West movement, so movement within your organisation that is so often overlooked,” she said.

South Africa’s growing cybercrime levels

South African businesses lost an estimated R5.8bn to cybercrime as breaches continue at an alarming rate, underwriter Candice Sutherland told Fin24 earlier this month.

Sutherland added that around 974 million company records were lost or stolen in 2014, which amounts to an estimated 31 records every second.

Mainly by disgruntled employees stole these records as well, Sutherland said.