Only last month the City of Johannesburg suffered such an attack which caused major outages in both their client-facing and internal systems. The attack was reportedly the work of the hacking group “Shadow Kill Hackers”, who claimed to have backdoor access to the City’s systems and data. The hackers then tried to extort 4.0 bitcoin (R521,729.88) from the City as a ransom for the hackers reinstating their systems and data, which the City quite rightly didn’t give in to as it only encourages such activities.
One of the major knock-on effects of these attacks is that of affected customers possibly becoming “pwned”. Getting pwned refers to an individual’s personal information being compromised in a data breach at an organisation where they are a customer (either currently or in the past). Such information can then be used by hackers to target the individual with phishing or other types of attacks. Even when an organisation has the necessary backups to restore their systems and databases without paying any ransom, the leaked data is still out there for anyone with malintent to potentially use for criminal activities. In addition to phishing this can include anything from email spam lists to brute force attacks and fraudulent account creation with unauthorised billing, to mention just a few of the examples of how someone’s personal data can be abused.
An individual can check at any time to see if their personal data has been compromised by visiting the Haveibeenpwned.com website where the person can enter their various e-mail addresses (personal and work-related) to find out if they have been pwned. Most users who do these checks discover that they have in fact been pwned at some stage and the details of which organisations had data breaches resulting in their personal details being obtained are provided on the site. Users can also sign up to be notified if their email address appears in future dumps.
Dealing with being pwned as an individual and how organisations can prevent such data breaches will be discussed in a very interesting webinar on both this topic and the topic of general vulnerability management presented by F-Secure’s Director of Vulnerability Management, Teemu Myllykangas, on Wednesday, 13 November, at 12:00pm South African time. Those unable to view the webinar at the time of it being broadcast can register for it and will then receive a link to the webinar to view it at their leisure.
Cybervision Pty Ltd
Cybervision Pty Ltd is a leading distributor of cyber security solutions and services in southern Africa, with hundreds of satisfied customer companies through their resellers and over 25 years of experience in the field. The company was chosen by F-Secure as their top channel partner and collaborator in promoting better vulnerability management practices by their resellers for organisations in the region.