South Africa could face a massive cyber assault this year. At a recent International Data Corporation (IDC) and Microsoft event on cyber threats, the IDC’s Jon Tullett said one of the company’s predictions for 2017 was the country could see an attack at “public service level or within financial services. It will be a very public malware or ransomware attack“.
A recent ransomware cyber-attack caused havoc in 150 countries. Victims included the United Kingdom’s National Health Service, which had its computers and communications systems frozen across the health service, with hackers threatening to delete files unless a ransom was paid. Thousands of patients, clinics and hospitals across the country were affected, with ambulances being diverted from accident and emergency rooms. It wasn’t just giant global corporations affected, it was real people. Sick people.
Janine Lazarus, a crisis communications consultant and founder of Janine Media, recently returned from Israel where she attended a course on cyber-attacks and crisis communications at Ariel University.
“While the basic principles of crisis communications remain the same in navigating through a crisis, there are a few fundamental differences (in the case of cyber-attacks). For one, the time span to respond to a cyber-attack is a lot shorter. Secondly, the number of so-called ‘unknowns’ are that much more multi dimensional, and it is also of critical importance for an organisation to know who to engage with and when to engage with them,” she says.
“In the case of a cyber-attack, it’s not only the organisation’s IT department to consider. It’s a matter of consulting with the legal team, the media, and ultimately, the end users who are affected.”
Those “end-users” are the public, people whose lives would be affected by such attacks and who need to be communicated with every step of the way because major panic could ensue.
“There was certainly better management in play (in the WannaCry ransomware assault on the NHS and others) than was evident in previous attacks, but it still fell badly short in effective communications between the company under attack, the media and, of course, the end user,” Lazarus says.
Crisis comms in the cyber space
She was invited to Israel to learn about cyber and crisis communications in that space on the basis of her partnership with Gold ‘n Links Cyber, a global cyber security company that has been active in the cyber field for over 20 years in five different countries.
“The course was provided by Howden Cyber Insurance and Gold ‘n Links Cyber, and facilitated through Ariel University, a cutting edge academic institution perched on a hilltop overlooking the city of Ariel and the entire coastal plane of Israel,” Lazarus says.
The course covered five key elements:
– A detailed introduction to the cyber space
– Cyber defense
– Cyber-attack strategies
– Ethics in the cyber space
– Live cyber simulations
– Crisis communications in the face of a cyber-attack
Lazarus says she “watched in dismay a real time world map of cyber-attacks around the world. It looked like a very frightening World War Three”, she says. “Wars by their very definition are human to human. A terrifying new dimension now needs to be considered – and that is machine to machine. That will be nothing more or less than a disaster of catastrophic proportions.”
Lazarus lists standout cases as “the breach on British Telecoms company, Talk Talk, the attacks in the USA on Target and Home Depot, as well as the hospital attack on the Hollywood Presbyterian Medical Centre. Then there’s Sony, and who could forget Ashley Madison! A listed company in South Africa also didn’t escape unscathed”.
What would an attack on our financial institutions do, if the IDC prediction came to pass?
“With money comes confidence. People without money become insecure. We put all our trust in our banks, and if we can’t access our money, chaos ensues. The Greek government collapse may not have centred around cyber, but chaos erupted from its citizenry,” Lazarus explains.
“The fact is that the more reliant we become on technology, the more intensely vulnerable we feel without it. WannaCry in the UK resulted in hospitals failing to do simple blood tests because systems went down. Ambulances were dispatched to the wrong addresses because their GPS systems weren’t working.”
South Africa is 20 years behind
She reckons South Africa is at least 20 years behind the rest of the world when it comes to security “and the continent as a whole is also way behind the curve. We all know it’s coming, but we prefer to sweep our vulnerability under the carpet and hope that it doesn’t happen to us. But it does and it will,” says Lazarus.
In fact, a recent article on The Conversation by advocate and lecturer at the University of Nairobi, Ken Obura, said that “Given the importance that the cyberspace network plays in the life of modern African society, the imperative of securing this domain cannot be gainsaid.
“The International Telecommunications Union estimates that one in five Africans is now connected to cyberspace,” Obura wrote. “An overview by the United Nations also reveals that the supply of essential services in many African countries now relies on the cyberspace network. However, a survey of 21 African countries conducted by UN Economic Commission for Africa found that while many countries had proposed legislation, the level of deployment of security systems to combat cyber crime was low.”
Lazarus recommends that government and business should take a few important initial steps:
– Create a first response or business reaction plan.
– Write a business continuity plan
– In fact, if you engage in the most basic training around cyber awareness, you can mitigate some of the risk.
– Handle communications effectively around the cyber attack
But private citizens should also look at their personal cyber security. After all, it was a cryptoworm that targeted computers running Microsoft Windows operating system that launched the biggest ransomware attack to date. As Lazarus says, “It’s imperative for any organisation to do a proper health check – just like you would do with your GP. This will reveal where you may be exposed, and how bad the damage could be”.