South Africa's National Cybersecurity Policy correctly states that cybercrimes and information security threats will continue to increase. It further states that these threats the potential to impact the country's national security and economy.
Recently it has been reported that cybercrime costs South Africa in the region of R1 billion annually (approximately $100 million), according to a report by a South African information risk and consultancy company - Wolfpack Information Risk, this further backs up what the National Cybersecurity Policy states.
Most people tend to regard Distributed Denial of Service (DDoS) attacks as a mere nuisance rather than an economic threat.
Beyond merely taking a site offline, DDoS attacks can affect a company's reputation and revenue, for example an e-commerce site could lose thousands if not millions if it suffers a sustained DDOS attack that results in customers not being able to purchase.
The pertinent question is: Are South African (and African) companies and organisations ready to deal with these DDoS attacks?
Also, are they using the services of DDoS mitigation companies or do they have the people and tools with the ability to mitigate such attacks?
As a case in point, the South African National Roads Agency (SANRAL) e-toll system was recently hit with a DDoS attack, as reported by ITWeb, which they eventually managed to mitigate. The attack seemed to have been more of a form of protest against the tolling of Gauteng's national roads.
Now imagine the attack lasted days, not hours or minutes. Another South African company, mobile service provider MTN, also suffered a DDoS attack last year.
What is even more concerning is the ever evolving method of DDoS attacks; with DDoS attacks mostly being used as a smokescreen by cybercriminals to prevent the organisation being attacked from realizing the actual target of the attack.
In this Information Age we live in, or Information Economy as some put it, a DDoS attack is no longer just an inconvenience, it is a real threat to be taken seriously and could possibly have real economic impact if done well enough against organisations insufficiently prepared for such attacks.
With Africa being the focal of tech growth in the next few years and receiving a lot of media hype to this extent, the continent could be a hotbed for DDoS attacks and other forms of cyber attacks.
It is thus imperative that Information Security be taken seriously by startup entrepreneurs and information technology professionals.
Cover Image Credit: Thierry Ehrmann