College of Agriculture, Engineering
and Science (CAES)

Africa, You’ve Been Phished

Whilst “Zoom” might be the new buzzword during lockdown, so too is “zoombombing”.

Cybersecurity, scams and disinformation during the COVID-19 pandemic was the topic of the latest data@breakfast online webinar, co-presented by UKZN senior lecturer in computer science Dr Brett van Niekerk* and KnowBe4 Managing Director Ms Anna Collard.**

Although South Africa is one of the leading economies in Africa, it lags behind in cybersecurity, ranking 56th globally and 4th in Africa in terms of the 2018 ITU Global Cybersecurity Index. ‘The country suffered a number of major cyberattacks at the end of 2019. Security company Kaspersky reports that cyberattacks have increased tenfold since the announcement of the national emergency, owing to cybercriminals seeking to take advantage of the uncertainty combined with remote working conditions necessitating the increase in internet, VPN and online collaboration usage,’ said van Niekerk. ‘Health and research organisations in particular have been targeted, including by state-sponsored cyber-espionage seeking to steal COVID research.’

Van Niekerk pointed to scams that have targeted COVID-19 infection maps as a means to distribute malware. ‘Privacy is also an issue of concern,’ he said. ‘Zoom is banned by many governments, organisations and educational institutions because of security issues.

‘Disinformation has also mushroomed with COVID-19. Voice notes inciting panic, students “warned” on social media that they won’t get funding and medical misinformation are all examples of the explosion of fake news.’

Van Niekerk singled out the threat of computational propaganda, where algorithms and automation (bots) were used to distribute propaganda and disinformation far faster than humans can react to and prevent them. In addition, he pointed to “deep fakes”, whereby deep learning is used to create realistic fakes – ‘images, audios or videos of someone doing something that never really happened.

‘In sum, this pandemic has seen a rapid change in online and work activity, with a corresponding increase in cyberattacks and scams. These attacks have become increasingly sophisticated, making it more difficult to identify scams.

‘Awareness training and education are therefore vital.’

Collard agreed. ‘In Africa, we have a high degree of digitisation. Currently half a billion people are online and this number will double within two years. These are all new users that are vulnerable to phishing and scams. It is a ticking time bomb.’

She offered a number of tips to recognise scams and phishing campaigns, and practice good cyber security. ‘Never click on a link before manually searching for its credentials. Anything that triggers your emotion is a giveaway. Educate yourself and your family. Don’t trust anything you haven’t expected. Limit what you share about yourself online. Secure your home Wi-Fi, use a VPN (Virtual Private Network) and keep all software up to date.’

Collard also advocated for good password practices – never reuse your password, apply multi-factor authentication, use a password manager, create strong passwords for critical accounts, and don’t use your business email on personal sites.

‘Use your critical thinking mind. Stop. Think. Verify.’

Data@breakfast is a platform to discuss ‘topics at the forefront of big data, artificial intelligence, quantum computing, machine learning and more.’ The brainchild of UKZN Pro Vice-Chancellor for Big Data and Informatics, Professor Francesco Petruccione, the weekly seminar series has turned to the online world so that presentations can continue during the COVID-19 lockdown. To view the other popular and informative talks in this series, visit the data@breakfast website and YouTube channel.

Dr Brett van Niekerk is a senior lecturer in computer science at UKZN and previously worked at Transnet as a senior information security analyst. He serves as Chair for the International Federation of Information Processing (IFIP) Working Group 9.10 on ICT Uses in Peace and War and is the co-Editor-in-Chief of the International Journal of Cyber Warfare and Terrorism, associate editor for the International Journal of Information Security and Privacy, and serves on the international advisory board for the Journal of Information Warfare.

** Ms Anna Collard is the Managing Director of Popcorn Training/KnowBe4 Africa where she drives security awareness across the African continent. She won the Women in Tech Innovations Throughout Africa 2020 Award for Southern and Central Africa.

Words: Sally Frost

Image: Shutterstock