top of page

Cybercrime's evolution and how we can fight back

How bad can a cyberattack be? This question often comes up in conversations with companies still contemplating their strategy against online criminals. Despite years of escalating attacks, cybercrime still exists in the realm of the surreal and intangible. It's hard to imagine a hacker breaching your system in the same way as robbers bursting through the doors of a bank. The latter is violent and visceral, the former distant and unconnected to us.

But the recent hack of Transnet's port systems gives us an unambiguous indication of how dangerous a successful cyberattack is. On 22 July, criminals breached the systems that manage the Durban Port, effectively shutting down infrastructure that handles 60% of South Africa's imports. It was so bad that Transnet declared a temporary Force Majeure - that it could not run operations. Everything ground to a literal halt.

In the US, a major pipeline was shut down for days after criminals breached the business systems of its parent company. Locally, operations at the Justice Department were severely disrupted by cyberattacks. I say 'disrupted', but it's not strong enough. The Justice Department is still busy getting its systems back in order.

If a cyberattack can bring a major port or pipeline to its knees, it indicates how dangerous these breaches are. Some companies still argue that they are too unlikely a target, but that's not the case. Cybercriminals are a motivated lot, always looking for the next opportunity.

For example, when companies started to become good at recovering from ransomware attacks, the criminals diversified into stealing data to extort their victims. To increase their profits and scale their operations, those groups created ransomware-as-a-service – effectively a franchise model offering access to their tools for less capable criminals and taking a cut of the ill-gotten gains.