CIO SA tech news round-up: Latest Microsoft threat intelligence report shows new risk for IT security teams, international cybergang issues ultimatum to victims, and more

post-title

New research from Microsoft reveals that attackers are increasingly making use of operational technology to gain new entryways into company networks, the Clop Group, a prolific cybercrime gang believed to be based in Russia, has issued an ultimatum to Boots, BBC, and British Airways, and Craig Freer bets on outsourcing IT functions to address unsustainable skills gaps.

Latest Microsoft threat intelligence shows new risk for IT security teams

New research from Microsoft reveals that attackers are increasingly making use of operational technology to gain new entryways into company networks.

Microsoft’s recent Cyber Signals report highlights how cybercriminals are using Operational Technology (OT) as gateways into an organisation’s network. This comes at a time when IoT connections continue to grow: IoT connections in sub-Saharan Africa are set to double by 2030, giving cybercriminals more opportunities to breach networks and systems.

Microsoft’s Cyber Signals report is a regular cyberthreat intelligence brief spotlighting security trends and insights gathered from Microsoft’s 43 trillion daily security signals and 8,500 security experts. The latest edition has found that converging IT, Internet of Things (IoT) and OT systems pose a wider risk to critical infrastructure.

The increase in digital transformation across the region has enabled organisations to manage their buildings, emergency systems and access control with smart devices connected to a network. In addition, Microsoft has seen an increase in IoT devices in the workplace to better enable hybrid work. This includes smart conference rooms with microphones and cameras, WiFi routers and printers.

For CIOs in the Middle-East and Africa, the impact of a possible security breach is top of mind in an increasingly complex threat environment. IDC research on Enterprise Security Trends found that it is the top concern for senior IT security decision-makers in South Africa, with half saying they are most concerned with the consequences of a possible breach in terms of brand reputation and financial loss.

To combat the risk, 53 percent of organisations in South Africa have increased their security budgets over the past two years and are investing in upskilling staff to increase technical knowledge of IT security.

However, as the threat landscape continues to expand, organisations need to rethink their cyber-risk approach to stay one step ahead of would-be attackers. Cyber Signals found that there are currently more than million connected devices publicly visible on the internet running Boa, an outdated and unsupported software still widely used in IoT devices and software development kits.

“Organisations are more connected than ever before. From the humble Wi-Fi router to the everyday office printer, IT teams need to view their IoT devices differently and secure them as they would any company laptop to prevent security breaches,” says Colin Erasmus, chief operations officer at Microsoft South Africa. “Gaining complete visibility of an organisation’s OT systems and protecting its IoT solutions will go a long way in preventing cyberattacks.”

The time for managed IT services has well and truly arrived

According to Craig Freer, head of division at Qwerti, outsourcing IT functions is a tactical win in the wake of an unsustainable skills gap and tough economic conditions.

A recent SAP report found that 73 percent of South African firms predict a skills gap within the next year, four in five organisations are presently reporting a lack of computer skills, and 41 percent believe the workforce they do have is departing due to the increased strain.

According to Craig, outsourcing could be a possible answer to this problem. As a result, businesses would be wise to outsource their IT functions in order to deal with a catastrophic skills shortage in a cost-constrained climate.

Here are three immediate benefits of outsourcing, Craig says:

It will bring down costs: when a business outsources, it gains access to aggregated skills. In other words, it buys privileged access to an array of important skills. This aggregation is important. For instance, a business could hire a firewall engineer who sits idle for 40 percent of the time. In a cost-sensitive environment, being able to gain access to crucial skills for less than 30 percent of the cost is a compelling option.

IT is no longer break-and-fix: modern businesses have far more serious considerations when it comes to their technology. Perhaps in years gone by, if a computer or printer broke it could be fixed or replaced and life would get on as normal. Nowadays, because IT is fundamental to the survival of a business, if something like a backup goes wrong it could potentially be fatal to the business. There is far too much risk involved to simply treat IT and crucial IT skills as an afterthought.

Access to best practice: imagine for a moment that a manager parted ways or was fired from a company years ago. Now imagine that this manager still had access to your systems and was periodically coming into the system to access sensitive data. This is the stuff of nightmares. Best practice, from policies and procedures when staff leave a business’s employ, to cybersecurity, to support–- and much more – is crucial. Professionals who work in the environment day in and day out bring best practice to the equation. Outsourcing to a partner buys access to an entire team of IT specialists.

“While outsourcing IT functions has always been a good option, it has never been more urgent to deal with the critical skills shortage in a tough economic environment. The time to look at managed services has well and truly arrived,” he concludes.

International cybergang issues ultimatum to its victims

The Clop Group, a prolific gang of cybercriminals believed to to be based in Russia, has issued an ultimatum to UK companies Boots, BBC, and British Airways, who are victims of a hack by the group.

The unedited blog post, which was sent to the BBC by the group, read: “This is announcement to educate companies who use Progress MOVEit product that chance is that we download a lot of your data as part of exceptional exploit.”

The post then urges victim organisations to send an email to the gang in order to initiate negotiations on the group’s dark web portal.

The Clop Group also issued a notification on the dark web warning firms affected by the MOVEit hack to email them before June 14 or their stolen data would be revealed.

More than 100,000 employees at the BBC, British Airways, and Boots have been informed that their payroll information may have been compromised. Employers are being encouraged not to pay a ransom if hackers demand it. The criminals discovered a technique to sneak into a popular piece of business software called MOVEit and then used that ability to gain access to the databases of potentially hundreds of other organisations.

Progress Software in the US provides MOVEit to numerous enterprises to securely move data throughout company networks. Zellis, a UK-based payroll services provider, was one of its users, and Zellis has verified that eight UK organisations had data stolen as a result, including home addresses, national insurance numbers, and, in certain cases, bank details. Not all businesses have had the same information exposed.

Related articles

How and where will the future CIO work?

What is the workforce of the future? Who will be doing the work? And where will you be doing work? During a discussion with Eskom CIO Faith Burn at the 2024 CIO Day, Investec CIO Shabhana Thaver discussed the role of IT in shaping future work.

Warren Hero joins SARS as new CDO

The 2023 CIO Awards winner will be responsible for designing the South African Revenue Services’ business model for antifragile digital transformation.

Top