Guiding consumers since 2009

How ‘exposed’ was Liberty Holdings to hackers?

By Isabelle Coetzee

Liberty Holdings was recently the victim of an online breach of information, and the responsible cybercriminals are blackmailing them with the stolen data.

In its initial statement, Liberty insisted that “no concessions had been made in the face of this attempted extortion”.

“Liberty has refused to pay, and good on them,” said Matt Boddy, security specialist at Sophos, a British security software and hardware company.

“After all, there's no guarantee the hackers wouldn't leak the data anyway, sell it to other criminals, or return with bigger demands next month,” he explained.

Boddy pointed out that the cybercriminals could stage getting hacked themselves, and the “pay for silence game could go on forever”.

The difference between ransomware and extortion

This is because it isn’t a ransomware attack, where cybercriminals encrypt data belonging to users – like the WannaCry ransomware attack in 2017.

In these situations, users can “buy” an unscrambling tool from the cybercriminals – therefore, “paying for a positive”.

“In an extortion attack, like the one against Liberty, you're paying for a negative and you’re essentially trusting the criminals indefinitely,” said Boddy.

“The good news is that Liberty is being upfront about the attack. The company is trying to find out what the hackers got hold of and how, in order to make sure this doesn't happen again,” he added.

How vulnerable, or ‘exposed’ was Liberty Holdings?

In October last year, a Singapore-based cyber intelligence agency, Kinkayo (rebranded as Cyber Intelligence House), released a Cyber Exposure Index.

This index is a representation of data that was collected from public sources in the deep web, the dark web, and data breaches. Based on this, signs of “sensitive disclosure, exposed credentials, and hacker group activity” are outlined. 

The below infographic outlines the top 5 most exposed South African countries based on the data from October 2017:

Liberty Holding was number seven on the list of investigated companies in South Africa, and it fell under category four – which means it ranked under 25% of the most exposed companies in the World.

Cyber Intelligence House will release an updated report in two months, which will disclose more details, like the number of employees, behind the scoring system.

“A company’s exposure score goes down when the number of employees increase,” said Mikko Niemelä, CEO and president of Cyber Intelligence House.

“This is because a company will then implement cyber security awareness programmes and systematically educate and train their employees about cybersecurity,” he added.

However, this is not the case with Liberty Holdings.

Niemelä provided Justmoney with a report specifically focussed on Liberty Holdings, which includes updated details from June 2017 to May 2018.

The below graph shows where Liberty Holdings ranks in relation to the industry:

“Liberty is within the industry, and its exposure is very high. Exposure tends to lessen per employee when companies get bigger but that’s not the case with Liberty,” said Niemelä.

The below graph shows the number of events that occurred during this timeframe, as well as the accompanying risks.

“There was a significant amount of action before the breach. This may indicate stolen and breached credentials, which would eventually provide access to some of the company’s systems,” said Niemelä.

He explained that this is typically how cyberattacks happen, but that he cannot confirm that this is what happened in this particular case.

Rather than working with a 5-category scoring system, the new report rates each company out of 300. Liberty Holdings scored 192, which falls under the upper bracket of the third band between 100 and 200.

The third band is considered “high exposure”, where the company has “a moderate amount of exposed clients, accounts and data”. 

David Munro, Liberty Group CEO, confirmed that the company was aware of the Cyber Exposure report which was released in October last year.

“Looking at this index demonstrates the broad nature of this issue and the challenge for all organisations to be vigilant and to improve their security systems on an on-going basis,” said Munro.

He explained that they continuously work to improve their systems, but that sometimes it’s simply not enough.

“We live in a world of highly sophisticated criminals whose methods evolve at an equal pace as the technology built to protect data from them,” said Munro.

What’s next for Liberty and its customers?

In its most recent update Liberty confirmed that it was in full control of its IT environment.

“Liberty is at an advanced stage of investigating the extent of the data breach, which at this stage seems to be largely emails and possibly attachments,” the statement read.

If you’re a Liberty consumer, Boddy recommends you watch out for future news from the company about this breach.

“Keep an eye on your bank statements and, as always, be vigilant about emails, phone calls, and text messages that offer to ‘help you recover’ from this security incident,” said Boddy.

“If you need to contact Liberty about this incident, please don't rely on phone numbers, email addresses, or websites that arrive in messages offering to help – those messages could come from anyone,” he explained.

“Look up the contact details yourself, for example on an old statement, or using a search engine,” he advised.

Recent Articles

Featured What’s the deal with underwriting?

When you apply for a long-term insurance policy, a financial adviser will ask some personal questions about your lifestyle, family history, health, and even ask you to take some medical tests. This process is called underwriting, but is it really necessary?


How are you taxed on your retrenchment package?

Unemployment is one of the biggest problems in South Africa. The emergence of the Covid-19 pandemic has exacerbated the situation with a lot of companies retrenching their employees.  When retrenched, you’ll receive a retrenchment package, but do you know how much tax you’re liable for?

Car repossessed – don’t be taken for a ride

When the country is facing an economic downturn, chances are your finances will feel the pinch. This can lead you to make bad financial decisions such as skipping your vehicle payments. But every decision has consequences and if you don’t pay your instalment, the bank will repossess your car. But what can you do when this happens?


Why you should consider gap cover

Your medical aid should protect you from incurring large medical bills when you’re sick. But what if your plan doesn’t cover the full cost of your medical expenses? We got in touch with insurance experts to find out whether gap cover is worth having.


Office furniture at discounted prices at BDK

Price: Available on request
When: Daily
Where: Johannesburg

Da Vincis Happy Hour Special

Price: Available on request
When: Daily
Where: Cape Town

Use your Absa card and get 30% cashback at Dis-chem

Price: Available on request
When: Daily
Where: Nationwide

Latest Guide

Guide to debt rehabilitation solutions