Check Point said with employees being the first line of defence in security and prevention, this was an important reminder of the need to implement regular cybersecurity training, as well as clear procedures and policies for data storage.
Check Point said in response to the attack, Shoprite was quick to implement additional security measures, including amending authentication processes and detection strategies, and locking down affected areas of the network.
“While these measures are good, they still reflect another concerning reality,” said Check Point’s Africa regional director Pankaj Bhula.
He said many local businesses were still one step behind cybercriminals, following a detect and respond approach rather than a prevent-first one.
“Prevent-first is critical to protect against today’s sophisticated Gen V attacks [fifth generation cyberattacks].”
Check Point said ransomware attacks were rife, and increasing, across the African continent.
In the first quarter of 2022, Check Point Research had noted a 23% increase in ransomware attacks compared to 2021 — with one out of 44 organisations now affected weekly, on average. This is compared to one out of 53 organisations affected globally.
The company said ransomware attacks were becoming the most lucrative type of cybercrime, enabling criminal gangs to rake in huge profits.
In the last few months alone, these attacks had disrupted large organisations in SA from Dis-Chem to Capitec and Transnet.
Check Point said to bolster defences against ransomware, organisations must have a robust, secure data backup solution in place.
They needed to provide frequent cybersecurity awareness training to all employees, especially around phishing attacks and enforce a strong password policy, requiring the use of multi-factor authentication.
They also needed to keep computers up to date and apply security patches, especially those labelled as critical.