Check Point Software, a global provider of cybersecurity solutions, on Friday reminded African organizations of the importance of cybersecurity training for employees following the recent “data breach” at supermarket chain Shoprite.
Shoprite said on June 10 it became aware of a suspected data breach that could affect some customers involved in money transfers to and within Eswatini, as well as within Namibia and Zambia.
The data breach is said to have names and ID numbers , but contained no financial information.
Hacking group RansomHouse claimed responsibility for the attack and said about 600GB of data was stolen. The group claimed a lack of cybersecurity practices by Shoprite employees was easy to exploit, as many store large amounts of personal data in unprotected plain text.
Check Point said employees are the first line of defense when it comes to security, and this was an important reminder of the need to implement regular cybersecurity training and clear data retention procedures and policies.
Check Point said in response to the attack, Shoprite quickly implemented additional security measures, including changing authentication processes and detection strategies and blocking affected areas of the network.
“While these measures are good, they reflect another worrying reality,” said Pankaj Bhula, Check Point’s regional director for Africa.
He said many local businesses are still a step away from cybercriminals h interher and took a detection-and-response approach rather than a prevention approach.
“Today, prevention-first is critical to protecting against cybercriminals’ s sophisticated Gen V [5th generation cyberattacks] attacks].
Check Point said ransomware attacks are widespread and increasing in the African continent.
In the first quarter of 2022, Check Point Research had found a 23% increase in ransomware attacks compared to 2021 – with one in 44 organizations now being affected weekly on average. This compares to one in 53 affected companies worldwide.
The company said ransomware attacks are becoming the most lucrative type of cybercrime, allowing criminal gangs to generate huge profits.
In the last few months alone, these attacks had disrupted major organizations in South Africa from Dis-Chem to Capitec and Transnet.
Check Point said organizations must have a robust, secure data backup solution to protect against ransomware strengthen space.
They had to provide regular cybersecurity awareness training to all employees, particularly around phishing attacks, and enforce a strict password policy that required the use of multi-factor authentication.
< p>They are also required to keep computers up to date and to apply security patches, especially those marked as critical.
Support una related journalism by subscribing to The Sunday Times. Only 20 R for the first month.