Intelligent CISO Issue 25 | Page 44

industry unlocked Maher Yamout, Senior Security Researcher for the Global Research and Analysis Team at Kaspersky It is undisputable that businesses must operate with up to date systems to ensure they are most secure. We explore the ramifications of not doing so and why Africans are being exposed to financial attacks and how to avoid them. 2020 SEES BANKING INFECTIONS WITH AFRICAN USERS VULNERABLE INTENSIFY KKaspersky statistics show that while the cases of downloading malicious programs targeting users’ bank accounts has become more frequent within 2020, 34% of South African computers may be more at risk of infection without users’ knowledge, as they rely on an outdated or unsupported version of Microsoft Windows operating system (OS). Considering that this OS is the most popular software in the world and has a 21.15% market share in the country as of March this year, this reality is a cause for concern. “There is no code without bugs and no program is perfect. This is why there are security updates – they are meant to find and close potential gaps, before threat actors find and exploit them. They are especially important when it comes to the OS – as the OS is the heart of devices such as laptops, smartphones and tablets. This software ensures that the system performs well and provides the means for people to live in a connected way in this digital era. If this ‘heart’ is outdated or unsupported, it is not only the user experience that will suffer, but there is significant risk that sensitive information could become compromised. Windows does a great job with constant updates, and users should be using this opportunity to ensure protection from cyber-based threats,” said Maher Yamout, Senior Security Researcher for the Global Research and Analysis Team at Kaspersky. House of cards Inevitably, an unsupported or outdated OS will contain vulnerabilities that have not been patched. As such, malicious users can target these weak points to gain access to the system and all its data. Even worse, if this computer is on a network (as most systems are today), the entire environment risks compromise. “It does not matter if an organisation has the best cybersecurity solutions available, if there is even one device running an outdated OS then the whole company is compromised. This is as much an educational issue as it is a practical one. People are creatures of habit and many are resistant to change, especially when it comes to their OS. Our research shows that in South Africa, 5% of the unsupported OS market consists of people still using Windows XP. Frighteningly, it had its end of life in 2014.” Even Windows 7, which was another popular choice for consumers and businesses alike, has seen its extended support come to an end in January this year. Banking risk But locally, this potential damage is not limited to network and data compromise. With malicious threats growing and becoming more sophisticated, unsupported or outdated operating systems are an easy target for such threats to be a success. Let’s take malicious mobile banker packages – designed to steal credentials and money 44 Issue 25 | www.intelligentciso.com