Close Menu
TechCentralTechCentral

    Subscribe to the newsletter

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    Facebook X (Twitter) YouTube LinkedIn
    WhatsApp Facebook X (Twitter) LinkedIn YouTube
    TechCentralTechCentral
    • News

      Vodacom fibre play pushes Maziv valuation above Telkom’s

      20 July 2025

      Crypto industry shoots for mainstream adoption

      20 July 2025

      Vodacom’s Maziv deal gets makeover ahead of crucial hearing

      18 July 2025

      Cut electricity prices for data centres: Andile Ngcaba

      18 July 2025

      Takealot taps Mr D to deliver toys, pet food and future growth

      18 July 2025
    • World

      Grok 4 arrives with bold claims and fresh controversy

      10 July 2025

      Samsung’s bet on folding phones faces major test

      10 July 2025

      Bitcoin pushes higher into record territory

      10 July 2025

      OpenAI to launch web browser in direct challenge to Google Chrome

      10 July 2025

      Cupertino vs Brussels: Apple challenges Big Tech crackdown

      7 July 2025
    • In-depth

      The 1940s visionary who imagined the Information Age

      14 July 2025

      MultiChoice is working on a wholesale overhaul of DStv

      10 July 2025

      Siemens is battling Big Tech for AI supremacy in factories

      24 June 2025

      The algorithm will sing now: why musicians should be worried about AI

      20 June 2025

      Meta bets $72-billion on AI – and investors love it

      17 June 2025
    • TCS

      TCS+ | Samsung unveils significant new safety feature for Galaxy A-series phones

      16 July 2025

      TCS+ | MVNX on the opportunities in South Africa’s booming MVNO market

      11 July 2025

      TCS | Connecting Saffas – Renier Lombard on The Lekker Network

      7 July 2025

      TechCentral Nexus S0E4: Takealot’s big Post Office jobs plan

      4 July 2025

      TCS | Tech, townships and tenacity: Spar’s plan to win with Spar2U

      3 July 2025
    • Opinion

      A smarter approach to digital transformation in ICT distribution

      15 July 2025

      In defence of equity alternatives for BEE

      30 June 2025

      E-commerce in ICT distribution: enabler or disruptor?

      30 June 2025

      South Africa pioneered drone laws a decade ago – now it must catch up

      17 June 2025

      AI and the future of ICT distribution

      16 June 2025
    • Company Hubs
      • Africa Data Centres
      • AfriGIS
      • Altron Digital Business
      • Altron Document Solutions
      • Altron Group
      • Arctic Wolf
      • AvertITD
      • Braintree
      • CallMiner
      • CambriLearn
      • CYBER1 Solutions
      • Digicloud Africa
      • Digimune
      • Domains.co.za
      • ESET
      • Euphoria Telecom
      • Incredible Business
      • iONLINE
      • Iris Network Systems
      • LSD Open
      • NEC XON
      • Network Platforms
      • Next DLP
      • Ovations
      • Paracon
      • Paratus
      • Q-KON
      • SevenC
      • SkyWire
      • Solid8 Technologies
      • Telit Cinterion
      • Tenable
      • Vertiv
      • Videri Digital
      • Wipro
      • Workday
    • Sections
      • AI and machine learning
      • Banking
      • Broadcasting and Media
      • Cloud services
      • Contact centres and CX
      • Cryptocurrencies
      • Education and skills
      • Electronics and hardware
      • Energy and sustainability
      • Enterprise software
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Lifestyle
      • Motoring
      • Public sector
      • Retail and e-commerce
      • Science
      • SMEs and start-ups
      • Social media
      • Talent and leadership
      • Telecoms
    • Events
    • Advertise
    TechCentralTechCentral
    Home » In-depth » Hackers up the ante on SA companies

    Hackers up the ante on SA companies

    By Sasha Planting6 July 2018
    Twitter LinkedIn Facebook WhatsApp Email Telegram Copy Link
    News Alerts
    WhatsApp

    While financial services company Liberty may have suffered the biggest data breach ever in South Africa, losing between 20TB and 40TB of data contained in e-mails and attachments, it is not the only listed company to have been targeted by hackers.

    JSE-listed construction materials firm Afrimat has been the target of several hacking attempts. Most recently, a third party contractor inadvertently released a day-zero attack into its network. This is a cyberattack that occurs on the same day a weakness is discovered in software (which means no antivirus software will pick it up), enabling hackers to exploit the gap before a fix becomes available from its creator.

    “We became aware of the attack as it happened and were able to stop it at the point of infection,” says Johan du Plessis, GM of technology systems at Afrimat. Who the hackers were and what their objective was, one can only speculate. “These guys are almost impossible to trace,” he says.

    Our systems picked this up immediately and ensured that it could not be distributed to our other servers and devices on the network

    In another attack, ransomware infected the company’s development server. This is malicious software that blocks access to a computer’s files until a sum of money is paid. “Our systems picked this up immediately and ensured that it could not be distributed to our other servers and devices on the network,” says Du Plessis. “We could then isolate the software before it could do real harm or cause a loss of production.”

    Afrimat was not always so lucky. Two years ago, ransomware infected its entire server environment. “The attack happened on Saturday and we discovered it on the Sunday. We were down for nine hours but we had a disaster recovery plan and were able to get the systems back up before operations began on Monday morning.”

    At that point, J2 came on board and we deployed their layered approach to cybersecurity. “It was a matter of time before one of these attacks caused real damage,” Du Plessis says.

    According to PwC’s Global Economic Crime and Fraud Survey for 2018, South Africa is the second most targeted country in the world when it comes to cyberattacks. The reason for this, says John McLoughlin, CEO of J2 Software, is a combination of naive users, poor policing and immature laws.

    Popi Act

    While South Africa’s Protection of Personal Information (Popi) Act was signed into law in 2013, it has not become fully operational as the regulator is not yet functioning fully. Popi is also not as prescriptive as Europe’s General Data Protection Regulation (GDPR), which became operational at the end of May this year, says McLoughlin.

    The GDPR requires that businesses take steps to protect the personal data and privacy of the EU citizens who are their clients. Unlike PoPI, if something goes wrong and private data falls into the wrong hands, that company is required to inform their clients within 72 hours.

    “The reason you have never heard of data breaches at listed companies is not because they have not happened, it’s because they don’t have to tell you,” adds McLoughlin.

    Afrimat came to recognise that most cyberthreats are activated from within a network — so building the highest wall possible is not effective. “We started small, applying J2’s layered approach to security,” says Du Plessis.

    The first layer included installing antivirus software on every machine and mobile device that accessed the company’s network. The second layer saw Afrimat setting up a system to protect itself from the Web (the system advises which sites employees can and can’t visit and what software they can and can’t download). The third layer focuses on e-mail — the number-one way hackers target businesses and employees. “Every e-mail is scrutinised by the software, with the result that about 60% of mails coming into the company are stopped because they are spam or malicious,” Du Plessis says.

    He adds: “We have not taken these steps because we suspect our staff of malicious attacks. Very often the user acts innocently — by inadvertently clicking, downloading or opening something that is potentially dangerous.”

    A year later, Afrimat added another layer of security in the form of behavioural analytics. This does not mean a beefcake of a man is watching employees’ every move via hidden cameras. Instead a software system called Dtex monitors users’ online behaviour. “We have no interest in what our users are doing until they do something unusual, and it is this that the system flags,” says Du Plessis. “For instance, is someone copying large quantities of data? Are they saving it to an external drive? This is what we want to know.”

    While Afrimat has not had to march anyone off its premises, one Cape Town-based call centre operator has done so, says McLoughlin.

    The call centre ran several concurrent campaigns for financial service providers, with Chinese walls separating each campaign, and one overarching manager. It turned out that one manager began accumulating user data from the different campaigns, which she compiled into a “work” folder. She then uploaded this into her Google drive. This was unusual and the system flagged it as such. “Within an hour she was marched out the building,” McLoughlin says.

    Visibility over your network and what your people are doing is like gold, he adds. The minute someone clicks on something that is compromised, you need to know. “Yet it takes the average company 220 days to know they have been breached.”

    In Liberty’s case, the company knew there had been a breach of its systems because the hackers told them so, and then proved it by publishing some of the information — since removed.

    “It’s scary out there,” says Du Plessis. “It’s not so much about cybersecurity — it’s about cyber resilience. It’s not if, it’s when. And then, are you able to bounce back within four hours with no loss — either physical or reputational?”

    • This article was originally published on Moneyweb and is used here with permission


    Afrimat Liberty Liberty Group top
    Subscribe to TechCentral Subscribe to TechCentral
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email Copy Link
    Previous ArticleTV white spaces could revolutionise SA telecoms
    Next Article Tech giants are stronger than Paul McCartney

    Related Posts

    18GW in unplanned breakdowns cripple Eskom

    2 November 2021

    Nersa kicks the Karpowership can down the road

    13 September 2021

    If you think South African load shedding is bad, try Zimbabwe’s

    13 September 2021
    Company News

    Vertiv to acquire custom rack solutions manufacturer

    18 July 2025

    SA businesses embrace gen AI – but strategy and skills are lagging

    17 July 2025

    Ransomware in South Africa: the human factor behind the growing crisis

    16 July 2025
    Opinion

    A smarter approach to digital transformation in ICT distribution

    15 July 2025

    In defence of equity alternatives for BEE

    30 June 2025

    E-commerce in ICT distribution: enabler or disruptor?

    30 June 2025

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2025 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.