Attack on credit bureau exposes 24 million South African's personal details

Attack on credit bureau exposes 24 million South African's personal details
By Cybersecurity expert and J2 Software CEO John Mc Loughlin

South Africans now have another thing to worry about, their personal information has been lost to a fraudster who has gained access to 24 million people’s information. The information in question is the exact detail required to access banking information, access accounts and steal identities. The exact end game is not clear, but the possibilities are endless.

The initial hype around Experian mentioned they had been hacked and data was stolen. With additional detail it seems that none of the systems were breached and the personal information of 24 million South Africans was lost due to an internal failure.

This is a prime example of an insider threat causing a massive loss. A business like Experian deals in data, therefore losing this data is losing their competitive advantage. Unfortunately at this point in South Africa the only ones who are lined up to lose anything are the citizens and businesses who’s data has been lost due to Experian’s failure to protect it.

South Africa is not immune to attack and we are often reported among the most attacked countries in the world. Recent breaches at a Momentum subsidiary, the data compromised at a Nedbank service provider, Liberty’s loss of email records and the Master Deeds breach of a few years ago shows us that nothing and nobody is immune.

This is not only relevant to large business, every business is a target. Often the attackers will target smaller businesses because they normally do not have the necessary security controls in place. These smaller service providers are the stepping stone to the their customers and the SME is used as the bait in the ultimate goal of catching a far bigger fish.

Companies are simply not doing enough to combat the insider threat. The insider threat clearly does not mean only the rogue employee in the organisation, in pretty much every successful cyberattack the insider is the reason but they are not always at fault.

South African businesses are not investing In tools to combat the insider threat by ensuring visibility of the activity at the end point and deploying a comprehensive and engaging user awareness program while rigorously reminding the relevant insiders on the correct processes and controls to ensure data security. Most breaches can be prevented with the right visibility and this will help you identify malicious users, negligent users and compromised accounts.

Monitoring for compliance is more critical now than it has ever been. Taking advantage of telemetry from data, machines, applications and people allows you to gain valuable insights into where you should focus your efforts to prevent data loss. The network no longer exists and your network is wherever your user is. Single actions will not give you context and I suggest gaining visibility in order to quickly identify indicators of intent.

A layered cyber security program is non-negotiable in the modern world and if your security approach continues to be the network and perimeter, you are going to be the next breaking news story. Adopting a user-centric approach to cyber security allows you to protect the most important asset in the business, your information. Visibility gives you the capability to detect and the ability to rapidly respond.

The time to talk about cyber threats is over for South African businesses of all sizes, you have all been talking for too long. Start taking action.