Publications
Partners
Cape Town - Attacking a company server is more than vandalism - it has migrated into a sophisticated method of blackmailing firms.
The most method of cyber attack is that of DDoS - Distributed Denial of Service - where a server is attacked with a huge amount of junk requests which eventually causes it crash, thus impacting normal business operations.
"Traditionally, DDoS extortion attacks were used against online gambling sites, around major sporting events. Criminal gangs would initiate attacks that would bring the website down just before the event was to start, thus forcing the companies to choose between suffering a major loss in monetary and reputational terms or paying up," said Bryan Hamman, territory manager for Sub Saharan Africa at Arbor Networks.
However, the frequency and intensity of attacks have changed over the years as DDoS has emerged as both a method of extortion and hacktivism.
Hackers, both individually and in groups, have begun taking political positions and used their skills to coerce parties to change the status quo.
Significant threat
In SA during 2013, IOL, the online division of Independent Newspapers, was hit by an attack in retaliation for publishing an article deemed supportive of Zimbabwean president Robert Mugabe.
Anonymous also took down the websites of several Israeli government websites recently as the hacker group protested the war in Gaza.
However, in computing, the term originated with building efficiencies in program code.
"To those of us who are real hardcore in the computer industry, the word 'hacking' would apply to people who hacked away all night long... they took a program and hacked it to make it little better," said Apple co-founder and Steve Wozniak in an online documentary exposing hacking.
However, Hamman said that the use of hacking to extort money was growing in SA and companies faced a significant threat as advances in technology made them easier targets.
"Increasingly, however, DDoS attacks are being used to extort money from all sorts of businesses and the reality is that no company should feel safe. Any business operating online - which means just about any type and size of organisation, can become a target, because of who they are, what they sell or who they partner with."
Indeed, the US cyber command emphasises that the internet does not guarantee anonymity nor safety.
Reporting
"Remember that all actions in cyberspace can be tracked by third parties and that even actions that seem harmless can expose you, your unit and the mission to the threats from our adversaries and criminals," the unit says.
According to Arbor Networks, the size of DDoS attacks continues to grow - the company registered a 20% increase in 2013 from 2012.
Also, the lack of reporting of DDoS attacks often emboldens cyber criminals who often hire out their services - even to rival firms wishing to damage the reputation of competitors.
"Ideally, companies would report every DDoS attack to law enforcement. In practice, they hardly do because of variety of reasons including lack of resources and time, low confidence in law enforcement investigative efficacy, and even corporate policy. Many of the attacks are sourced from other countries, and they don't know how or want to deal with foreign jurisdictions," said Anton Jacobsz, managing director of Networks Unlimited, the distributor of Arbor Networks in Sub Saharan Africa.
Although the Protected Disclosures Act of 2000 indicates some responsibility for company employees to disclose that a crime or miscarriage of justice has been committed and will likely be committed in the future, it does not oblige employees to report such impropriety to authorities.
'Don't cave'
The act merely facilitates an environment designed to protect whistle blowers from losing their jobs or being prosecuted should they make damaging revelations.
But if faced with an extortion attack, you should stand firm, Hamman argued. He said that caving in to criminals would exacerbate the problem.
"So what is the right response when it comes to extortion demands? The answer is simple and always the same - not to give in. Organisations should under no circumstances agree to pay the ransom – it can set a dangerous precedent and encourage more attacks in the future and while it might make the pain go away in the short term, the long term results are generally not worth it."
- Follow Duncan on Twitter
