Guiding consumers since 2009

How ‘exposed’ was Liberty Holdings to hackers?

By Isabelle Coetzee

Liberty Holdings was recently the victim of an online breach of information, and the responsible cybercriminals are blackmailing them with the stolen data.

In its initial statement, Liberty insisted that “no concessions had been made in the face of this attempted extortion”.

“Liberty has refused to pay, and good on them,” said Matt Boddy, security specialist at Sophos, a British security software and hardware company.

“After all, there's no guarantee the hackers wouldn't leak the data anyway, sell it to other criminals, or return with bigger demands next month,” he explained.

Boddy pointed out that the cybercriminals could stage getting hacked themselves, and the “pay for silence game could go on forever”.

The difference between ransomware and extortion

This is because it isn’t a ransomware attack, where cybercriminals encrypt data belonging to users – like the WannaCry ransomware attack in 2017.

In these situations, users can “buy” an unscrambling tool from the cybercriminals – therefore, “paying for a positive”.

“In an extortion attack, like the one against Liberty, you're paying for a negative and you’re essentially trusting the criminals indefinitely,” said Boddy.

“The good news is that Liberty is being upfront about the attack. The company is trying to find out what the hackers got hold of and how, in order to make sure this doesn't happen again,” he added.

How vulnerable, or ‘exposed’ was Liberty Holdings?

In October last year, a Singapore-based cyber intelligence agency, Kinkayo (rebranded as Cyber Intelligence House), released a Cyber Exposure Index.

This index is a representation of data that was collected from public sources in the deep web, the dark web, and data breaches. Based on this, signs of “sensitive disclosure, exposed credentials, and hacker group activity” are outlined. 

The below infographic outlines the top 5 most exposed South African countries based on the data from October 2017:

Liberty Holding was number seven on the list of investigated companies in South Africa, and it fell under category four – which means it ranked under 25% of the most exposed companies in the World.

Cyber Intelligence House will release an updated report in two months, which will disclose more details, like the number of employees, behind the scoring system.

“A company’s exposure score goes down when the number of employees increase,” said Mikko Niemelä, CEO and president of Cyber Intelligence House.

“This is because a company will then implement cyber security awareness programmes and systematically educate and train their employees about cybersecurity,” he added.

However, this is not the case with Liberty Holdings.

Niemelä provided Justmoney with a report specifically focussed on Liberty Holdings, which includes updated details from June 2017 to May 2018.

The below graph shows where Liberty Holdings ranks in relation to the industry:

“Liberty is within the industry, and its exposure is very high. Exposure tends to lessen per employee when companies get bigger but that’s not the case with Liberty,” said Niemelä.

The below graph shows the number of events that occurred during this timeframe, as well as the accompanying risks.

“There was a significant amount of action before the breach. This may indicate stolen and breached credentials, which would eventually provide access to some of the company’s systems,” said Niemelä.

He explained that this is typically how cyberattacks happen, but that he cannot confirm that this is what happened in this particular case.

Rather than working with a 5-category scoring system, the new report rates each company out of 300. Liberty Holdings scored 192, which falls under the upper bracket of the third band between 100 and 200.

The third band is considered “high exposure”, where the company has “a moderate amount of exposed clients, accounts and data”. 

David Munro, Liberty Group CEO, confirmed that the company was aware of the Cyber Exposure report which was released in October last year.

“Looking at this index demonstrates the broad nature of this issue and the challenge for all organisations to be vigilant and to improve their security systems on an on-going basis,” said Munro.

He explained that they continuously work to improve their systems, but that sometimes it’s simply not enough.

“We live in a world of highly sophisticated criminals whose methods evolve at an equal pace as the technology built to protect data from them,” said Munro.

What’s next for Liberty and its customers?

In its most recent update Liberty confirmed that it was in full control of its IT environment.

“Liberty is at an advanced stage of investigating the extent of the data breach, which at this stage seems to be largely emails and possibly attachments,” the statement read.

If you’re a Liberty consumer, Boddy recommends you watch out for future news from the company about this breach.

“Keep an eye on your bank statements and, as always, be vigilant about emails, phone calls, and text messages that offer to ‘help you recover’ from this security incident,” said Boddy.

“If you need to contact Liberty about this incident, please don't rely on phone numbers, email addresses, or websites that arrive in messages offering to help – those messages could come from anyone,” he explained.

“Look up the contact details yourself, for example on an old statement, or using a search engine,” he advised.

Recent Articles

Featured Personal loan or business loan? The best way to finance your business

When starting your own business, you may have to rely on external funding. Perhaps you qualify for a personal loan, but would it be better to take out a business loan instead? We got in touch with a specialist to find out whether it’s best to take out a business loan or a personal loan to assist you with your ongoing business or start-up.

What to do when you’ve been denied a home loan

After months of scanning property sites and attending showhouse after showhouse, you’ve finally found what you’ve been looking for. But your dream of owning a home comes crumbling down when you receive the news that you’ve been denied a home loan. So, what now?

Best travel cards offered by top South African banks

Planning a trip abroad involves a lot of administration. You need to consider travelling arrangements, reasonable accommodation, and a daily itinerary. But have you considered how you’re going to pay your bills once you arrive? Besides considering bank costs, you also need to consider exchange rates.

Best ways to save your money short-term

For many, it seems close to impossible to save when spending on holiday getaways, Christmas gifts, while also trying to ensure there’s money left to survive January. Justmoney takes a look at the best ways you can save during the short term.

Deals

Takealot January Big Sale

Price: Available on request
When: Until 31 January 2020
Where: Online

Annique Restore Package Special

Price: From R600
When: Until 31 January 2020
Where: Centurion

Ster-Kinekor Senior Citizens Discount

Price: Available on request
When: Daily
Where: Nationwide