How ‘exposed’ was Liberty Holdings to hackers?

By Isabelle Coetzee

Liberty Holdings was recently the victim of an online breach of information, and the responsible cybercriminals are blackmailing them with the stolen data.

In its initial statement, Liberty insisted that “no concessions had been made in the face of this attempted extortion”.

“Liberty has refused to pay, and good on them,” said Matt Boddy, security specialist at Sophos, a British security software and hardware company.

“After all, there's no guarantee the hackers wouldn't leak the data anyway, sell it to other criminals, or return with bigger demands next month,” he explained.

Boddy pointed out that the cybercriminals could stage getting hacked themselves, and the “pay for silence game could go on forever”.

The difference between ransomware and extortion

This is because it isn’t a ransomware attack, where cybercriminals encrypt data belonging to users – like the WannaCry ransomware attack in 2017.

In these situations, users can “buy” an unscrambling tool from the cybercriminals – therefore, “paying for a positive”.

“In an extortion attack, like the one against Liberty, you're paying for a negative and you’re essentially trusting the criminals indefinitely,” said Boddy.

“The good news is that Liberty is being upfront about the attack. The company is trying to find out what the hackers got hold of and how, in order to make sure this doesn't happen again,” he added.

How vulnerable, or ‘exposed’ was Liberty Holdings?

In October last year, a Singapore-based cyber intelligence agency, Kinkayo (rebranded as Cyber Intelligence House), released a Cyber Exposure Index.

This index is a representation of data that was collected from public sources in the deep web, the dark web, and data breaches. Based on this, signs of “sensitive disclosure, exposed credentials, and hacker group activity” are outlined. 

The below infographic outlines the top 5 most exposed South African countries based on the data from October 2017:

Liberty Holding was number seven on the list of investigated companies in South Africa, and it fell under category four – which means it ranked under 25% of the most exposed companies in the World.

Cyber Intelligence House will release an updated report in two months, which will disclose more details, like the number of employees, behind the scoring system.

“A company’s exposure score goes down when the number of employees increase,” said Mikko Niemelä, CEO and president of Cyber Intelligence House.

“This is because a company will then implement cyber security awareness programmes and systematically educate and train their employees about cybersecurity,” he added.

However, this is not the case with Liberty Holdings.

Niemelä provided Justmoney with a report specifically focussed on Liberty Holdings, which includes updated details from June 2017 to May 2018.

The below graph shows where Liberty Holdings ranks in relation to the industry:

“Liberty is within the industry, and its exposure is very high. Exposure tends to lessen per employee when companies get bigger but that’s not the case with Liberty,” said Niemelä.

The below graph shows the number of events that occurred during this timeframe, as well as the accompanying risks.

“There was a significant amount of action before the breach. This may indicate stolen and breached credentials, which would eventually provide access to some of the company’s systems,” said Niemelä.

He explained that this is typically how cyberattacks happen, but that he cannot confirm that this is what happened in this particular case.

Rather than working with a 5-category scoring system, the new report rates each company out of 300. Liberty Holdings scored 192, which falls under the upper bracket of the third band between 100 and 200.

The third band is considered “high exposure”, where the company has “a moderate amount of exposed clients, accounts and data”. 

David Munro, Liberty Group CEO, confirmed that the company was aware of the Cyber Exposure report which was released in October last year.

“Looking at this index demonstrates the broad nature of this issue and the challenge for all organisations to be vigilant and to improve their security systems on an on-going basis,” said Munro.

He explained that they continuously work to improve their systems, but that sometimes it’s simply not enough.

“We live in a world of highly sophisticated criminals whose methods evolve at an equal pace as the technology built to protect data from them,” said Munro.

What’s next for Liberty and its customers?

In its most recent update Liberty confirmed that it was in full control of its IT environment.

“Liberty is at an advanced stage of investigating the extent of the data breach, which at this stage seems to be largely emails and possibly attachments,” the statement read.

If you’re a Liberty consumer, Boddy recommends you watch out for future news from the company about this breach.

“Keep an eye on your bank statements and, as always, be vigilant about emails, phone calls, and text messages that offer to ‘help you recover’ from this security incident,” said Boddy.

“If you need to contact Liberty about this incident, please don't rely on phone numbers, email addresses, or websites that arrive in messages offering to help – those messages could come from anyone,” he explained.

“Look up the contact details yourself, for example on an old statement, or using a search engine,” he advised.

Recent Articles

Featured Are you financially secure enough to buy your first home?

When you buy your first home, you need to make sure you’re in a secure financial position so that you can stay afloat in spite of your increased financial responsibility. But are you aware of all the costs you’ll have to carry?

If someone had your medical aid details, could they benefit in your name?

With credit fraud on the rise, most of us know the importance of keeping our general personal details safe, such as ID number, home address, and contact details. But were you aware of the need to keep your medical aid or insurance details safe?

Can your insurance application be rejected because of your credit score?

A credit score is used by lenders to determine how likely it is that you will repay a loan on time. It is also a factor in interest rates and loan qualifications.

But can it be used to determine the success of your insurance application?

How to budget for charity and balance it with your savings

Charity is not a compulsory expense and thus it is usually excluded from budgets. However, if you donate money on the spur of the moment, it could throw your budget off course. We look at how you can budget for goodwill, and how you can give when your income won’t allow you to do as much as you’d like.   


Gardenia Boutique Hotel Couple Package

Price: R1240
When: Daily
Where: Johannesburg

Bossa Sundowner Sundays

Price: R49
When: Sundays
Where: Western Cape and Gauteng

Ashley’s Family Restaurant Monday Special

Price: Available on request
When: Mondays
Where: Goodwood and Kraaifontein

Latest Guide

Guide to debt rehabilitation solutions