The use of artificial intelligence (AI) tools may be one of the reasons there has been an increase in cyberattacks on government entities and private companies.
The latest cybersecurity breach in South Africa has been on IT systems at the National Health Laboratory Service (NHLS), which the Gauteng department of health said had led to delays in processing laboratory tests across public health facilities in the province.
A cybersecurity expert and senior lecturer from the division of information systems at Witwatersrand University, Thembekile Olivia Mayayise, said there has been an increase in the past few months. She said it was not only ransomware but an increase in different types of scams and cyberattacks such as phishing scams.
She believes the use of AI tools may be fuelling the spike.
“That we cannot run away from because with AI tools you don't need to be an expert user to cause havoc. You don't need to be an expert to write a code or coding that will be malicious,” she said.
Mayayise said phishing e-mails have become a simple thing to create because of the availability of AI tools. Organisations that culturally look after their systems in a certain way may need to strengthen their security systems.
Ransomware attack at NHLS: Why cybercrimes are increasing
Image: 123RF/dolgachov
The use of artificial intelligence (AI) tools may be one of the reasons there has been an increase in cyberattacks on government entities and private companies.
The latest cybersecurity breach in South Africa has been on IT systems at the National Health Laboratory Service (NHLS), which the Gauteng department of health said had led to delays in processing laboratory tests across public health facilities in the province.
A cybersecurity expert and senior lecturer from the division of information systems at Witwatersrand University, Thembekile Olivia Mayayise, said there has been an increase in the past few months. She said it was not only ransomware but an increase in different types of scams and cyberattacks such as phishing scams.
She believes the use of AI tools may be fuelling the spike.
“That we cannot run away from because with AI tools you don't need to be an expert user to cause havoc. You don't need to be an expert to write a code or coding that will be malicious,” she said.
Mayayise said phishing e-mails have become a simple thing to create because of the availability of AI tools. Organisations that culturally look after their systems in a certain way may need to strengthen their security systems.
Lab test delays after cybersecurity breach: Gauteng health department
She said the organisations may be in a very difficult position because it is no longer about mastering certain skills.
“There are platforms people with malicious intentions visit to learn tools and the knowledge about how they can successfully employ the tools.” .
She said organisations that found themselves in a similar position need to go back to the drawing board and try to understand the risks they are facing as far as cybersecurity is concerned. “What do I stand to lose?.”
Mayayise said if systems are compromised, the situation becomes worse as companies and organisations might not have a plan B if they are hit by ransomware.
“You are doomed if you don't have a plan B. You don't know what you are going to do because all your information has been encrypted and even if you pay it does not guarantee you will get your information back.”
Prof Rennie Naidoo from the Wits School of Business Sciences said limited public information exists and scholars tend to rely on media reports, but indications suggest South Africa has seen a significant increase in cyberbreaches.
He said major government cyber-incidents in recent years suggest an increase and listed recent attacks. These include:
Naidoo said despite efforts such as stringent data protection laws, the increasing frequency and severity of cyber-incidents suggest the government and private entities need to continuously invest in and improve their cybersecurity capabilities.
“The formal reporting of cyber-incidents is limited, and there is a lack of comprehensive resources and statistics from law enforcement and prosecuting authorities.
“The Cybersecurity Hub, South Africa’s national CSIRT (computer security incident response team), provides reporting services but does not publicly share incident data, which limits broader awareness and understanding of the threat landscape.”
TimesLIVE
READ MORE:
Backing women in tech challenge
Unity needed to win the cyber wars, say tech titans
Cyberattacks: Government pension fund members can’t access some services months later
Trader anger as Itac reveals cyberattack
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.
News and promos in your inbox
subscribeMost read
Latest Videos