South Africa’s cyber landscape is changing fast, just as is all over the world. Recent studies show that only about 5 % of local businesses are fully prepared for modern threats. This includes threats resulting from the rise of AI – 87 % of participants in the study reported AIrelated security incidents in the past year. Meanwhile, phishing, ransomware and supplychain exploits continue to wreak havoc. This Cybersecurity Awareness Month is a perfect opportunity to brush up on your knowledge of the cybersecurity threats you face, and how to keep yourself and your data safe.
Key Cyber Trends in South Africa
There are three key cyber threats you need to be aware of:
- AIdriven threats are on the rise, as cybercriminals use AI to craft extremely convincing phishing emails, impersonate individuals using deepfake audio or video, and generate malware. At the same time, businesses are adopting machinelearning tools for threat detection and remediation.
- Ransomware and cyberextortion are surging. Ransomware attacks have increased dramatically this year, with a notable increase in AIaugmented attacks. SMEs have proven to be particularly vulnerable, with a 53% rise in ransomware incidents reported for smaller businesses. This could be a symptom of limited resources to train staff about cybersecurity best practice or employ cybersecurity experts in-house.
- Phishing represents more than 34% of detected attacks across Africa, while South Africa accounted for nearly 40% of credential theft incidents through infostealer and ransomware, according to Engineering News.
Endusers – that’s you and me – are often the first point of failure for cybersecurity measures – human error is almost always a reliable entry point. Developing good cybersecurity habits will go a long way to protecting yourself, your data and your workplace. This includes:
- Being aware of AIpowered phishing. You can do this by verifying unexpected emails, even if they appear to come from someone you know. Also look out for overly polished writing, mismatched tone, urgent demands, or requests to click embedded links.
- Use strong authentication tools, such as multifactor authentication (MFA) wherever possible. It’s also wise to use a password manager to generate strong, unique passwords and avoid reuse.
- Install software updates promptly on all your devices, as these often fix critical vulnerabilities that can be exploited by attackers.
- Apply antivirus or endpoint protection on all your devices, whether you use them for work or personal use.
- Safeguard GenAI usage by avoiding unapproved largelanguagemodel tools or sharing sensitive data with public GenAI platforms. According to IT News Africa, it’s not unusual for people to engage with AI without oversight, creating new attack surfaces.
- Report suspicious activity, whether it’s an email, website, or even a phone call. Use your employer’s official channels, or the official channels provided by your bank and other service providers, whenever you see something that looks fishy.
As technology and digitalisation of everything from banking to shopping to learning continues to rise, so do cyberthreats. Cybercriminals are leveraging AI, deepfake technology, and social engineering to exploit human error. As an end-user of technology, you must be your own first line of defence.