Companies globally are in the crosshairs of cyber adversaries – from criminals to sophisticated nation-state hackers. Robust security requires not just advanced technologies but also vigilant employees.

Imagine this: You receive an email from a senior manager asking you to forward sensitive information. You meet a client on Teams for the first time to discuss a new project. You receive a call from the IT support desk to talk about updates on your computer that require screen-sharing or login details.

These scenarios are all legitimate – but in a world of AI-assisted cybercrime, they could also be sophisticated traps.

A smarter, safer future: integrating IoT with robust cyberdefence

As a leading African connectivity, digital and financial services company, Vodacom has invested in Internet of Things (IoT) solutions, expanding into areas like smart cities and connected devices.

To manage the cybersecurity risks associated with IoT, we have implemented strong security protocols that ensure devices and networks are protected from unauthorised access. By embedding cybersecurity into our IoT innovations, Vodacom provides secure connectivity solutions that meet both customer needs and regulatory standards.

Cybersecurity isn’t just an IT issue, though – it’s integral to business resilience and growth, as emphasised in Vodacom Business’s recently released “Cybersecurity as an Imperative for Growth” report. The report offers insights into the state of cybersecurity as well as the importance of security frameworks. It also details the most prevalent types of attacks that employees should be aware of.

Why your clicks matter

Employees play a critical role in helping to protect the business. By staying informed about current threats and practising good cyber habits, you can prevent attacks or at least detect them early. In our sector, which underpins national communications and economic activity, the cost of complacency is high.

Digital resilience can be defined as the ability to adapt and recover quickly from technology-related disruptions, like cyberattacks or system failures, to ensure continuous and reliable access to digital services and information. To achieve true digital resilience, organisations must prioritise cyber resilience – the ability to withstand, respond to, and recover from cybersecurity threats.

The good news is that understanding the types of cyber threats, following your local cyber team’s guideline to verify the origin of information, and reporting suspicious interactions all provide layers of protection. Click here for details on how to report your suspicions.

Navigating the digital Wild West

Common external threats
  • Ransomware: Attackers use ransomware to encrypt files and demand a ransom payment for their release. Often, attackers employ “double extortion” tactics, threatening to publish stolen data or private images if the ransom isn’t paid.
  • Distributed Denial of Service (DDoS): Multiple compromised systems flood a target – such as a server or website – with excessive traffic. This overloads the system, causing service disruptions or making it entirely inaccessible to legitimate users.
  • Social engineering: Cybercriminals impersonate legitimate entities to trick individuals into revealing sensitive information, like login credentials or financial data. This can be done through phishing, social media and Business Email Compromise (BEC).
Waging the AI cyberwars of tomorrow

Cybercriminals are increasingly exploring and testing AI to enhance their attack strategies.

  • Voice mimicry using AI-powered tools has become a sophisticated method of cybercrime. A notable case occurred when criminals used voice-generating AI to imitate the voice of the CEO of a UK-based energy company. The AI replicated the CEO’s voice pattern, tone and accent convincingly enough to deceive the company’s finance team into thinking that they were speaking with the actual CEO. The team then transferred hundreds of thousands of dollars to the fraudulent account provided by the criminals.
  • SEO poisoning is a tactic used by criminals to make their harmful websites appear more credible and rank higher in search results. It works by making people assume that top search results are trustworthy, leading to potential risks like stolen credentials, malware infections and financial losses.
  • Quantum computers could break encryption algorithms currently protecting sensitive data, exposing organisations to data breaches. Current encryption methods like RSA (Rivest-Shamir-Adleman) or ECC (elliptic-curve cryptography) could become obsolete, allowing attackers to decrypt sensitive communications and steal confidential data.
  • Deepfakes can be used to impersonate high-profile individuals, tricking victims into providing sensitive information or authorising fraudulent transactions. Deepfake attacks can lead to significant financial losses, data breaches and reputational damage.

Many of these cyberattacks can be defended against by using verification methods like multifactor authentication for sensitive transactions. Remember, cybersecurity is a collective responsibility, and by working together, we can build a safer digital environment for all. Let’s stay informed, stay secure, and keep protecting our organisation and our customers.

For more information on security best practices and the latest updates on cyber threats, read the SecureWise newsletter.