2020 sees banking infections intensify, with a third of South African users vulnerable

2020 sees banking infections intensify, with a third of South African users vulnerable

Kaspersky statistics show that while the cases of downloading malicious programs targeting users’ bank accounts has become more frequent within 2020, 34% of South African computers may be more at risk of infection without users knowledge, as they rely on an outdated or unsupported version of Microsoft Windows operating system (OS). Considering that this OS is the most popular software in the world and has a 21.15% market share in the country as of March this year, this reality is a cause for concern. 

“There is no code without bugs and no program is perfect. This is why there are security updates – they are meant to find and close potential gaps, before threat actors find and exploit them. They are especially important when it comes to the OS – as the OS is the heart of devices such as laptops, smartphones and tablets. This software ensures that the system performs well and provides the means for people to live in a connected way in this digital era. If this ‘heart’ is outdated or unsupported, it is not only the user experience that will suffer, but there is significant risk that sensitive information could become compromised. Windows does a great job with constant updates and users should be using this opportunity to ensure protection from cyber-based threats,” said Maher Yamout, Senior Security Researcher for the Global Research and Analysis Team at Kaspersky.

House of cards

Inevitably, an unsupported or outdated OS will contain vulnerabilities that have not been patched. As such, malicious users can target these weak points to gain access to the system and all its data. Even worse, if this computer is on a network (as most systems are today), the entire environment risks compromise.

“It does not matter if an organisation has the best cybersecurity solutions available, if there is even one device running an outdated OS then the whole company is compromised. This is as much an educational issue as it is a practical one. People are creatures of habit and many are resistant to change, especially when it comes to their OS. Our research shows that in South Africa, 5% of the unsupported OS market consists of people still using Windows XP. Frighteningly, it had its end of life in 2014.”

Even Windows 7, which was another popular choice for consumers and businesses alike, has seen its extended support come to an end in January this year.

Banking risk

But locally, this potential damage is not limited to network and data compromise. With malicious threats growing and becoming more sophisticated, unsupported or outdated operating systems are an easy target for such threats to be a success. Let’s take malicious mobile banker packages – designed to steal credentials and money from people’s bank accounts – as an example, as it is a growing threat in the local region.

“In January and February this year, almost 1% of connected South Africans were the targets of malicious bankers. Putting this into context, the entire 2019 accounted for 1% of the local market targeted. Based on this, the projections for the remainder of the year could be massive,” said Yamout.

These mobile banking Trojans are the most rapidly developing, flexible and dangerous types of malware. Now imagine having such sophisticated attacks targeting an outdated or unsupported OS. This virtually guarantees that the person will lose a significant amount (if not all) of funds in their banking accounts. Furthermore, it could compromise others as well with hackers gaining complete access to their list of beneficiaries.

“Both consumers and businesses must be aware of the risks associated with using outdated or unsupported software. Living in a digital environment that is seeing an increase in cyberthreats requires constant vigilance and an awareness of the need to keep software updated, to ensure the latest cybersecurity patches are in place. To do any less poses a digital risk that can have significant consequences,” said Yamout.

Browse our latest issue

Intelligent CISO

View Magazine Archive