Ever since people started connecting things to the internet, others have sought to abuse those connections. At Kaspersky’s ninth annual Cyber Security Weekend in Kuala Lumpur, Malaysia earlier this week, a host of cyber security experts provided insights on past trends, how things currently look, and future cyber threats, with a particular focus on the META (Middle East, Turkey, and Africa) region.
Surprisingly, Kaspersky’s research showed that the number of overall cyber threats in South Africa decreased by 29% in 2023 compared to the previous year. That could mean cyber thugs are getting bored or it could mean their old cyber threats are still working so they don’t need to create new ones.
Phishing with cyber bait
Our money’s on the latter because while the number of overall threats in South Africa has decreased, phishing scams increased by 29%. If you’ve ever received a strange email to inform you of a surprise inheritance or you have a parcel waiting for you that you never ordered, you’ve seen a phishing scam. Kaspersky reckons that 35% of its South African users were affected by online threats in 2023.
The overall decrease could also be the result of 2023’s record-breaking number of load shedding days. You don’t have to be a cyber security expert to know you can’t hack a system when it doesn’t have power.
Phishing attacks come in different flavours and are the most prominent form of cyber attack in our region. They might vary in form but they are all after the same things – your personal info, financial data, or access to your accounts. Stealing people’s money is easy to understand and has been around since before the internet was a thing. But most people don’t have hoards of cash sitting in their accounts, ripe for the stealing.
Read More: How SIM swap scammers can swindle you
Access to your social media accounts, like Facebook, can also be useful to cybercriminals. If they’re lucky, they’ll find out what your favourite pet’s name was, where you grew up, and other answers to common ‘security’ questions. Even someone’s Telegram account, or simply their cellphone number, can be used for nefarious purposes — like mass-inviting their contact list to a forex trading group in the hopes they’ll sign up to a pyramid scheme.
Cyber threats are evolving
Considering the rate at which generative AI is progressing, it shouldn’t be a surprise that it is intimately involved with the cyber threats of the future. Cybercriminals already use it to improve their phishing attempts or create convincing fake websites. Generative AI has also made it much easier to create video and audio deepfakes that could be used to swindle the unsuspecting. Then there are the vulnerabilities of the generative AI platforms themselves.
Most platforms have at least some safeguards in place which are supposed to prevent their misuse, but cybercriminals are already finding ways around them. Vladislav Tushkanov is a lead data scientist at Kaspersky’s expert system development and technology research department. He explained that these criminals already have methods to alter the behaviour of chatbots or ‘unlock’ topics of discussion and generated outputs which are supposed to be protected from misuse.
For now, generative AI misuse is largely focused on wreaking havoc on celebrities’ lives, though a recent case of an employee being fooled by a deepfake video of what they thought was their boss ended up costing the company millions. Cases like that are likely to increase as are the number of generative AI platforms available, the things they can do, and the issues that accompany them.
UPDATE 01/03/2024: A previous version of this story mentioned that “35% of South African users, or around 21 million people, were affected by online threats in 2023.” This has been corrected as this number was not a true reflection of Kaspersky’s data which is based on the number of users of Kaspersky products and not the per capita number of internet users in SA. We regret the error.
