It would be impossible to have missed the news reports over the past months as hackers took Afrihost, Axxess, Webafrica subscribers (itweb.co.za) and The City of Johannesburg (iol.co.za) hostage though a massive DDoS attack.
Distributed Denial of Service (DDoS) is one of the most powerful weapons cyber criminals use to attack businesses by flooding servers with more internet traffic than they can accommodate and thereby rendering them inoperable (us.norton). Although not a new type of cyber-crime, it has been trending in the local market over the past 12 months with a reported 18% increase in attacks in 2019 with the longest attack lasting 509 hours or 21 days (itweb)
Symptoms of a DDos attack can take the form of:
- Issues accessing websites
- Internet disconnection
- Excessive amount of spam emails
Fig 1: Graph indicates the downtime stats (00:00 – 15:30) for Axxess, Afrihost and Webafrica subscribers)
The South African Banking Risk Information Centre (SABRIC) addressed media on behalf of the banking industry and confirmed the DDoS attacks on South African banks which took place on the 23.10.19. SABRIC CEO Susan Potgieter said that the wave of attacks targeted various public-facing services across multiple banks.
“These attacks started with a ransom note which was delivered via email to both unattended as well as staff email addresses, all of which were publicly available,” said Potgieter. (fin24)
In a recent meeting held with one of South Africa’s leading insurance companies it was reported that hackers tend to ask for payment ranging from 2 – 4 bitcoins. 1 Bitcoin, as of 28.10.19, is priced at R135 961. It’s a catch 22 for businesses as, in discussion, it was revealed that despite companies not wanting to pay ransom demands, paying them often proved often less expensive then hiring a company to recover systems.
Our Cyber policy can protect in the following ways:
Data breach incident response
Call our hotline to a pre-approved top breach response law firm, who will initiate an investigation and coordinate the response plan on your behalf. This hugely important support will guide you through the process of dealing with this denial of service attack, including doing the following:
- Engagement of forensic and IT security vendors to investigate the scope of the breach and provide expert response guidance.
- Identification of mandatory notification requirements.
- Assessment of voluntary notification options.
- Agreement of notification strategy / plan.
- Appointment of Call Centre / Credit Monitoring service providers.
- Public relations services.
- Mitigation of potential 3rd party liability actions
Network Security, privacy and data breach liability cover
Our product protects our customers for costs to defend and resolve liability claims brought against you as a result of this denial of service.
Business Interruption
This section of our product gives cover for our customers’ loss of income following this denial of service attack.
Data Restoration
This section of our product gives cover for our customers’ costs for data restoration or recompilation following this denial of service attack.
Cyber Extortion
This section of our product gives cover for our customer’s costs incurred following a cyber extortion threat such as this denial of service attack.
Contact info@satib.co.za to speak to a professional about how we can assist in protecting your business against cyber-crime.
References:
https://www.itweb.co.za/content/LPp6V7r4OVzqDKQz
https://www.itweb.co.za/content/wbrpOqgPQDpvDLZn
https://www.iol.co.za/the-star/news/city-of-joburg-hacking-how-it-happened-35889367
