[Column] Riaan Badenhorst: An evolving digital world places an emphasis on insuring yourself against cyberattacks
Consistent year-on-year growth of Internet users is resulting in increased digital identities and the sharing of more and more personal information online. As Internet users become more comfortable and interconnected with the digital tools available to them – tools that offer a convenience too good to be passed up – are the inherent security risks and all forms of possible protection and risk mitigation being considered on a regular basis? Experts from Kaspersky provide insights.
Riaan Badenhorst, General Manager for Kaspersky in Africa says “Growing digital identities are a natural result of the digitally transforming world we find ourselves navigating. However, getting caught up in the excitement and convenience of all things digital and with that, possessing a trivial attitude towards the privacy of digital identities and accounts – especially those that hold valuable information - could make you an easy target to cybercriminals. And this is something we see and hear about on a consistent basis today.”
News headlines and stories linked to digital fraud and scams leaving people out of pocket is becoming a more regular occurrence. In fact, to put this into context, Kaspersky research shows that South Africa is listed among the countries with the highest percentage of users attacked by Android banking malware. Furthermore, the research notes that worldwide, the number of users that encountered Android banking malware in 2018 more than tripled to reach 1,799,891.
Adds Badenhorst; “Digital fraud, the stealing of data, photos, passwords etc. are just some of the top security concerns that come with owning a digital identity. And while it may seem impossible to not have a digital identity in a digital driven society, protecting it should be a priority. Our research however shows that 1-in-3 people don’t know how they can fully protect their privacy online.”
“This is certainly concerning, especially when it comes to online banking and the rise of digital transactions,” adds Bethwel Opil, Enterprise Sales Manager at Kaspersky in Africa. “African consumers truly enjoy the perks of the digital era and tend to shop and pay online or via mobile banking regularly. However, whether due to what we call privacy fatigue or a lack of security know-how, we find that many users don’t install adequate security solutions on their devices or take the necessary steps towards protection and risk mitigation - and thus knowingly or unknowingly leaving themselves vulnerable to the ill intent of cybercriminals.”
Even more concerning, from a banking perspective many believe that their bank is the sole bearer of responsibility of the security of their accounts and digital information. “Bank agreements typically include a passage about the client’s responsibility to keep their financial information secure – particularly when it comes to pin codes, CVC numbers and one-time passwords or pins for example,” adds Opil. “Banks however in many instances usually consider compromise of these the user’s responsibility. This can result in no refunds being granted and leaving the consumer out of pocket.”
In 2018, the number of users attacked with banking Trojans was 889,452, which is an increase of 15.9% in comparison with 2017 figures. This kind of malware steals credentials for e-payment and online banking systems from victims, intercepting one-time passwords, and then sending the data to the attackers behind the Trojan. These types of digital identity attacks are among the most popular for cybercriminals, as they are focused directly on financial gain.
The good news is that the cyber insurance segment of the financial services sector is advancing – and quickly! While cyber insurance products have been available in the local market for a number of years already, as more insurance players look to capitalise, so the market becomes more competitive, which is leading to more sophisticated and affordable products being brought to market – including direct to consumer products.
Cyber insurance can’t protect a consumer from cybercrime. Rather, it is similar to an insurance on a car or house, which is intended to provide financial protection in the event of loss or damage – where cyber insurance covers against Internet-based liability and personal risk.
Continues Badenhorst; “In a growing cyberthreat landscape where the risk of falling victim to some form of cyberattack remains high, investing in cyber insurance policies should also start to filter into the personal consumer space too – supporting the need consumers have for complete transactional liability cover for loss of funds due to online theft, fraud and malware attacks should they occur. Understanding the associated cyber risks and onboarding personal responsibility for it remains key to mitigating the risk, and such additional cover is becoming more prevalent as digital identities grow.”
“Whatever the type of malware – banking trojan, ransomware or spyware – it is bound to cause trouble and consumers need to take an active role in managing the protection of their digital identities, accounts and privacy. The onus is on everyone to insure themselves against cyberattacks – and with the many options available, achieving this type of protection is viable to enjoy safe digital experiences without the worry,” concludes Badenhorst.