What businesses can learn from the recent ransomware attacks in South Africa

Recently, a major power supplier in South Africa has undergone a ransomware attack, the result of which was a massive blackout. This goes to show that cyber attacks are no longer merely about stealing data and infecting the victims’ devices with malware; they’re out to impact our base resources and disrupt the flow of our lives. Indeed, the IoT devices in a typical modern home, as well as business premises, are instrumental to our lives now. They control the heating, the communications, and even the front door. In an extreme situation, getting hacked can potentially mean getting locked out of your own home, sustaining an injury, or worse.

The digital and the physical realms are slowly becoming ever more intertwined as we move forward to a world of tomorrow. With that in mind, it’s important that we learn what we can from the unfortunate events that transpired in South Africa to make sure nothing similar happens in the future.

A brief summary of the events

In July 2019, the South African City Power company sent out a tweet explaining what had happened. Allegedly, ransomware paved its way through their defenses, leaving them with encrypted network, databases, and applications.

Not only has the attack removed the option for the residents to purchase pre-paid power packages, but also prevented the company from being able to address any blackouts in the area. Since a quarter of a million people were affected by this attack, ransomware is not to be underestimated.

Ransomware has the ultimate goal of draining your wallet

Ransomware is designed to go after your money and keep your data hostage. In exchange for being able to unlock your encrypted files, you’re asked to pay a ransom in Bitcoin. Since it’s based on blockchain technology, the developers have everything they need to cover their tracks and collect the money anonymously.

The problem is, you may not get the decryption key even if you decide to cough up the dough. Although there are public decryption solutions available, these tend to only work on older versions of ransomware. If your particular version is not on the list, you’re out of luck.

The focus should be on the preventative

Considering what we’ve established above, panicking after your business has already been hit with one of these nasty cyber threats is too little, too late. Therefore, focusing on preventing these kinds of scenarios from unfolding in the first place should top your priority list.

To make things easier for you, we’ve compiled a list of four simple things you can start doing today to keep the likelihood of becoming infected to the bare minimum:

1. Don’t click on suspicious links

Phishing is a tactic cybercriminals use to lure you into opening a link that leads to a malicious website. Often, this is accompanied by a voice of authority or another form of pressure. For instance, a would-be attacker may masquerade as one of your superiors or a licensed agent of a website you’re registered to. To avoid clicking on something that could potentially infect your computer, the best practice is to either Google it or enter the web address directly into the URL bar of your browser.

2. Encrypt your files and internet connections

If your real IP is a secret, cybercriminals will have a much harder time victimising you. Here’s where a VPN comes into play; by using it, not only will you anonymise your IP (you can check how it changes by typing into Google “What is my IP?”, but also encrypt your internet connections. This will make it much harder for anyone to intercept your sensitive work-related files or eavesdrop on your conversations. Upon installing and launching it, make sure to confirm that your connection has truly been encrypted by googling “what is my IP”.

3. Install a firewall

By doing so, you will be able to monitor everything that goes on inside your operating system. Every single process that attempts to make a change to it will require your permission before being able to execute the next step. If you’re worried about constant unwanted interruptions, don’t be. Most modern firewalls let you whitelist a pre-approved list of processes that automatically get the permission they need without bugging you.

4. Update regularly

Last but not least, make sure you update your operating system and applications regularly. While it is true that many businesses rely on outdated systems and software to carry on with their operations, realise this is exactly what cybercriminals tend to exploit. Don’t give them the satisfaction, even if this requires sacrificing some degree of convenience.

It’s important to keep in the loop and educate yourself about the digital threat landscape. But don’t forget to educate your employees too; as we all know, the chain is only as strong as the weakest link in it.