Connect with us


Mayday! Mayday! I’ve Been Hacked



For years, security experts warned Africa’s slumbering companies of cyberattacks. On May 12, many woke up. On this day cyberattacks struck 150 countries,  infecting more than 200,000 computers and holding multi-billion-dollar businesses, like France’s Renault, Britain’s National Health Service, Spain’s Telefónica, the United States’ FedEx and Germany’s Deutsche Bahn, to ransom.

Petya Or NotPetya: Why The Latest Ransomware Is Deadlier Than WannaCry

Behind it is WannaCry. This malicious software (malware) encrypts your computer files until a ransom of $300 is paid in the virtual currency, bitcoins. In simple words, it spreads like worms in a bag of rotten apples.

Experts say the reason why this malware squirmed easily into so many companies is that they see cybersecurity as a joke. Many hadn’t updated their security in over two months.

This made it easy for hackers to exploit Microsoft Windows XP operating systems by bypassing security checks. Once into the core, the malware can search for other files to exploit.

“Africa, in fact the whole world, is woefully unprepared. Traditional security measures aren’t keeping up with the emerging threats. And it’s becoming increasingly difficult, economically, to keep throwing money at the problem, when [top level management] doesn’t necessarily understand the difference between defending against attackers versus defending against auditors, all the while, tightening the purse strings and treating security as a grudge purchase or necessary evil,” says Tim Morty, Cyber Security Specialist at Information Security Architects (ISA).

Web Vigilantes

When your computer is under attack, Morty is the kind of guy you want at you back. For 10 years he has battled cyberattacks on the frontline in Africa, from Botswana and Namibia to Mauritius, Tanzania, Uganda and South Africa.

“Until not too long ago, the prevalent opinion was that only the big corporate and financial institutions had a need to protect their data against corporate espionage, which many considered the main external threat over and above the usual defences against spam and malware. That has changed in recent times. Cybercriminals have not only expanded their reach, they have also found a ready market in our personal data,” says Morty.

Often it can be your employees and their cell phones that make you vulnerable.

“Careless posting on social media is a major concern, as is the use of corporate resources on non-corporate networks. Let’s face it, we all love free WiFi! However, do you really know who is behind the connection, and what are they doing with the information that you are transmitting or receiving?”

One reason why Africa is so vulnerable is many of its people are still learning how the internet works.

“We need to begin learning how to survive in the virtual worlds we have created. Cybercriminals have rapidly adapted to the virtual world and are using the advantages they have developed to thrive, while others are still taking their first tentative steps in this new frontier.”

It was not long ago that businesses, according to KPMG’s 2016 Global CEO Outlook study, considered cybersecurity as an afterthought. The study found cybersecurity has become a major concern for many CEOs. One in five business leaders now list information security as the risk they are most concerned about, while a third sees cybersecurity as the issue with the biggest impact on their company.

Making Millions From Paranoia

The study is made from the views of nearly 1,300 CEOs from companies across 11 industries in 10 countries. Cyberattacks loom larger in Africa when many businesses are on the cusp of the Fourth Industrial Revolution, the age of machine learning, cognitive computing and artificial intelligence, play over the internet.

“Cyberattack is like cancer, there is not one form of cancer and cybersecurity has a lot of different areas. It’s one thing for somebody to steal your Mastercard and cause you aggravation, but stealing a vaccine for something like a virus, could be worth billions,” says J. Patrick Michaels Jr, the founder at Communications Equity Associates (CEA).

Michaels founded CEA in 1973 as a US Cable TV brokerage firm.  Nearly half a century later, it has investments of $1.3 billion in private equity wealth across 60 countries.

Known as a globetrotting investment banker, Michaels learned of cybersecurity in his days as Vice Chairman of the Board of Visitors of the U.S. Naval Academy. Michaels believes small businesses in Africa are prime targets for cyber blackmail.

“Hackers are starting to target the smaller companies to freeze up their businesses. A lion isn’t going to attack an elephant, when maybe a water buffalo or springbok is easier prey,” says Michaels.

“If you hijack the IT systems for a corporation, the impact on that company’s shares would be crippling. We could be sitting in Prague, sending a message to this company that to unfreeze their systems, the payment of $100 million to various bank accounts around the world would be appropriate. $100 million would be nothing compared to how much they would lose on the JSE stock markets if they were shut down for just 10 minutes.”

Industrial Thief On The Line, How Can I Rob You?

On the ground in Africa, Morty warns cyberattacks are on the rise because businesses can’t foot the bill.

“South Africa is, on average, ahead of the curve, in terms of Africa, although we’ve still got a lot of room for improvement… Economically, it is sometimes prohibitively expensive to keep up with the latest and greatest technologies. For those that can afford it, the next challenge is staff upskilling and, often, retention, in a market where skilled individuals are always sought after,” says Morty.

“There have been a few occasions when we have documented some major security concerns while working with a client; from open wireless access points and often basic networking flaws at one financial institution to simple lack of visibility and understanding of the client’s environment, with the security role being taken care of by networking staff with minimal training or understanding of the technologies in use.”

External threats are only part of the problem. Disgruntled employees or moles find it easy to expose weaknesses from within.

“The typical image, often conjured by media, of hooded figures hunched ominously over a laptop keyboard, is quite misleading. Threats from within are a reality; sometimes with intent, sometimes through neglect, often by accident, especially due to poor user education about a topic that isn’t always user friendly,” says Morty.

“Rapid adoption of social media has contributed to security woes, as its users willingly provide attackers with a wealth of information to use against both organizations and individuals alike, making reconnaissance, planning and execution of social engineering attacks that much easier.”

According to the 2017 Harvey Nash/KPMG CIO Survey, the world’s largest survey of IT leadership, cybersecurity vulnerability is at an all-time high, with a third of IT leaders (32%) reporting their organization had been subject to a major cyberattack in the past 24 months – a 45% increase on 2013.

Only one in five say they are very well prepared to respond to these attacks, down from 29% in 2014. Despite very visible headline-grabbing attacks, such as the recent WannaCry ransomware attack, the biggest jump in threats comes from insider attacks, increasing from 40% to 47% over the last year.

So should we be spending millions on encrypting our phones and protecting computers from hackers?

“Oddly enough, I’m inclined to say no. Throwing money at the problem will only help up to a point. What we need to do is change the way we work. Educate our users about what it means to be part of the connected world; illustrate what the risks are as well as what can be done to protect themselves, and teach good security practices rather than dictate an intimidating list of do’s and don’ts,” says Morty.

It will take a while yet for online security to become second nature. Until then Africa’s blind spot could be expensive.

Relentless rise of organizations being subject to major cyberattacks during past four years:

2017: 32%

2016: 28%

2015: 25%

2014: 22%

Source: The 2017 Harvey Nash/KPMG CIO Survey


Where The Medium’s The Topic And The Topic is Topical



UJ, 4IR, and the CloudebateTM concept

UJ is the University of Johannesburg. 4IR is the Fourth Industrial Revolution. CloudebateTM? Well – it’s a place where really interesting questions are asked, such as: is the academic thesis a thing of the past? Have books outlived their physical form? Are we witnessing the demise of childhood? Will eye-tracking, sip and puff, or exoskeletons lead to true equality of opportunity? Will society change Africa? Will Africa help change society? Will education teach our children what they really need to know? And if so, how?

As 4IR sweeps the world, sending many preconceptions, predilections, and presuppositions tumbling as it goes, UJ sees the asking of questions like these as a fundamental response. And it’s responding because, since 2013, when it first embarked on its strategy of global excellence and stature, the university saw a clear need to take the lead in exploring the applications, implications and potential of 4IR. What’s more, it saw a need to do this not just as part of its positioning as a thought-leader on the continent, but as part of making a proactive and positive contribution towards African society, education and enablement.

A vision of width, a platform of depth

It’s a significant vision, and as part realising it, UJ has been investigating new and challenging ways, not just of identifying the issues at stake, but of presenting them in depth. It sought a way that would bring medium and content, idea and action, debate and initiative, together on one unique platform.

And that unique platform, one that UJ has not only created, but given a unique name to as well, is the CloudebateTM

The CloudebateTM

The CloudebateTM has essentially taken the traditional debate/panel discussion and reimagined it, placing it firmly within the realm of its own 4IR scope, and using the latest live-streaming technology. It is the place where 4IR ideas that have been identified as relevant, meaningful, challenging and thought-provoking are placed before an expert panel as well as an online audience who are invited to participate in real time, online, in a very 4IR way, in the discussion, analysis and dissection.  

There have been seven Cloudebates held so far, and their names provide an insight into their capacity to provoke thought: The Way Tomorrow Works; Digitally Equal; Is 4IR the Demise of Childhood? Questioning the Answers; Obsolete or Absolute? Should Books be Shelved? Adding Muscle to Open Doors.

When thought is action

It’s all about the kind of world we are creating for our children to inhabit. What will the elimination of jobs do to society? Are children growing directly into the immediacy of adulthood? Are academic theses outdated? Are libraries passé? Can technology enable opportunity equally for all?

The digital reach has been immense, not just in South Africa but globally, where it has found a worldwide audience. Moreover, UJ’s CloudebateTM initiative is set to continue into 2020 with further challenges to our received wisdom, our perceived way of doing things. So, if you have any stimulating 4IR topics that you would like to see discussed, send them to [email protected] – UJ would love to hear from you. And if you’d like to see the discussions that have already taken place, then just go to, where you can watch, and take a view of your own.

Creating tomorrow

With its innovative CloudebateTM concept, UJ’s pursuit of global excellence has been a most rewarding journey that will continue to develop and expand along with 4IR, and along with UJ’s ongoing commitment to creating tomorrow.

Content provided by the University of Johannesburg

Continue Reading

30 under 30

Applications Open for FORBES AFRICA 30 Under 30 class of 2020



FORBES AFRICA is on the hunt for Africans under the age of 30, who are building brands, creating jobs and transforming the continent, to join our Under 30 community for 2020.

JOHANNESBURG, 07 January 2020: Attention entrepreneurs, creatives, sport stars and technology geeks — the 2020 FORBES AFRICA Under 30 nominations are now officially open.

The FORBES AFRICA 30 Under 30 list is the most-anticipated list of game-changers on the continent and this year, we are on the hunt for 30 of Africa’s brightest achievers under the age of 30 spanning these categories: Business, Technology, Creatives and Sport.

Each year, FORBES AFRICA looks for resilient self-starters, innovators, entrepreneurs and disruptors who have the acumen to stay the course in their chosen field, come what may.

Past honorees include Sho Madjozi, Bruce Diale, Karabo Poppy, Kwesta, Nomzamo Mbatha, Burna Boy, Nthabiseng Mosia, Busi Mkhumbuzi Pooe, Henrich Akomolafe, Davido, Yemi Alade, Vere Shaba, Nasty C and WizKid.

What’s different this year is that we have whittled down the list to just 30 finalists, making the competition stiff and the vetting process even more rigorous. 

Says FORBES AFRICA’s Managing Editor, Renuka Methil: “The start of a new decade means the unraveling of fresh talent on the African continent. I can’t wait to see the potential billionaires who will land up on our desks. Our coveted sixth annual Under 30 list will herald some of the decade’s biggest names in business and life.”

If you think you have what it takes to be on this year’s list or know an entrepreneur, creative, technology entrepreneur or sports star under 30 with a proven track-record on the continent – introduce them to FORBES AFRICA by applying or submitting your nomination.


Business and Technology categories

  1. Must be an entrepreneur/founder aged 29 or younger on 31 March 2020
  2. Should have a legitimate REGISTERED business on the continent
  3. Business/businesses should be two years or older
  4. Nominees must have risked own money and have a social impact
  5. Must be profit generating
  6. Must employ people in Africa
  7. All applications must be in English
  8. Should be available and prepared to participate in the Under 30 Meet-Up

Sports category

  1. Must be a sports person aged 29 or younger on 31 March 2020
  2. Must be representing an African team
  3. Should have a proven track record of no less than two years
  4. Should be making significant earnings
  5. Should have some endorsement deals
  6. Entrepreneurship and social impact is a plus
  7. All applications must be in English
  8. Should be available and prepared to participate in the Under 30 Meet-Up

Creatives category

  1. Must be a creative aged 29 or younger on 31 March 2020
  2. Must be from or based in Africa
  3. Should be making significant earnings
  4. Should have a proven creative record of no less than two years
  5. Must have social influence
  6. Entrepreneurship and social impact is a plus
  7. All applications must be in English
  8. Should be available and prepared to participate in the Under 30 Meet-Up

Your entry should include:

  • Country
  • Full Names
  • Company name/Team you are applying with
  • A short motivation on why you should be on the list
  • A short profile on self and company
  • Links to published material / news clippings about nominee
  • All social media handles
  • Contact information
  • High-res images of yourself

Applications and nominations must be sent via email to FORBES AFRICA journalist and curator of the list, Karen Mwendera, on [email protected]

Nominations close on 3 February 2020.

Continue Reading


Facebook Is Still Leaking Data More Than One Year After Cambridge Analytica




Facebook said late Tuesday that roughly 100 developers may have improperly accessed user data, which includes the names and profile pictures of individuals in certain Facebook Groups.

The company explained in a blog post that developers primarily of social media management and video-streaming apps retained the ability to access Facebook Group member information longer than the company intended.

The company did not detail the type of data that was improperly accessed beyond names and photos, and it did not disclose the number of users affected by the leak.

Facebook restricted its developer APIs—which provide a way for apps to interface with Facebook data—in April 2018, after the Cambridge Analytica scandal broke the month before. The goal was to reduce the way in which developers could gather large swaths of data from Facebook users.

But the company’s sweeping changes have been relatively ineffective. More than a year after the company restricted API access, the company continues to announce newly discovered data leaks.

“Although we’ve seen no evidence of abuse, we will ask them to delete any member data they may have retained and we will conduct audits to confirm that it has been deleted,” Facebook said in a statement.

The social media giant says in its announcement that it reached out to 100 developer partners who may have improperly accessed user data and says that at least 11 developer partners accessed the user data within the last 60 days.

Facebook has been reviewing the ways that companies are able to collect information and personal data about its users since the New York Times reported that political consulting firm Cambridge Analytica harvested data of millions of users. Facebook later said the firm connected to the Trump campaign may have improperly accessed data on 87 million users.

The Federal Trade Commission slapped Facebook with a $5 billion fine as a result of the breach. As part of the 20-year agreement both parties reached, Facebook now faces new guidelines for how it handles privacy leaks.

“The new framework under our agreement with the FTC means more accountability and transparency into how we build and maintain products,” Facebook’s director of platform partnerships, Konstantinos Papamiltiadis, wrote in a Facebook post.

“As we work through this process we expect to find examples like the Groups API of where we can improve; rest assured we are committed to this work and supporting the people on our platform.”

Michael Nuñez

Continue Reading