Wolfpack Information Risk provides specialist information and cyber threat consulting, training, awareness and incident support services to African governments and organisations.
Mission: We are passionate defenders of communities, companies, and countries against cyber threats.
Vision: Wolfpack will be the catalyst that drives the greatest positive cybersecurity impact on the African continent.
Greetings Cyberwolves
It is great to be in touch again. We are excited to announce that our new website is live and ready for you to explore. The pack has been hard at work preparing for our upcoming webinar series; please do not forget to register.
February was a busy month for love-seekers who devoted additional time to cultivating their online presence. Romance Romeos deepened their deepfake shady swindles using sophisticated Artificial Intelligence (AI) Art Tools, which create realistic but fake images, videos, or audio of people on dating sites or social media platforms. They pretend to be interested in romantic relationships with their targets. Once the potential victims express a romantic interest, AI bots chat with this person for months to gain their trust. These tools have enabled imposters to create high volumes of authentic-looking dating profiles, making these romance scams almost impossible to detect.
It is crucial to consider technology’s profound influence on our rights and the serious risks they pose to personal and financial security. The use of malicious generative AI technology to impersonate, spread misinformation, reputational damage, manipulation and extortion has blurred the lines of truth, trust and transparency and infringes on all our human rights. Wolfpack believes cybersecurity is a shared responsibility and our approach to fraud detection must evolve.
Our team is passionate about assisting Countries, Companies and Communities against these attacks, and we are committed to providing our customers and prospective clients with the tools and resources they need to protect their data and information. The good news is that there are steps your organisation can take to fight back against leaked or stolen PII, reputational damage, and betrayal of trust. We also provide guidance and support on how to avoid falling victim to these online romance scams and deep fakes.
Vigilance is key. Our approach is to take the complexity out of Information Security. We are here to help you stay safe and secure online.
Yours Securely
#protectioninthepack
SAVE THE DATE
We look forward to welcoming you to our exciting upcoming webinars. Please feel free to share them with your colleagues and Register for our Upcoming 2024 Webinars.
WOLFPACK IN THE NEWS
Lester Kiewit from Good Morning Cape Town speaks to Leon Hannibal, Head of Investigations at Wolfpack Information Risk, to discuss criminal phishing expeditions!
How deepfake scammers abused top doctor’s image. It is getting increasingly difficult to trust what you see online when your doctor’s face and voice are faked to sell male potency products
ADVISORY AND CYBERSECURITY
NIST CSF v 2.0 is officially out and has been released, along with other supplementary resources. Helping organisations to better understand and improve their management of cybersecurity risk.
CSF 2.0: For industry, government, and organisations to reduce cybersecurity risks.
Quick Start Guides: For users with specific common goals.
CSF 2.0 Profiles: Templates and useful resources for creating and using both CSF profiles. Informative References (Mappings): See how NIST’s resources overlap and share themes.
A ransomware gang claiming responsibility for the Companies and Intellectual Property Commission (CIPC) hack says they have had access to the agency’s systems since 2021.
We have reached a tipping point in the future of jobs. Organisational roles are disappearing and being replaced by skill sets. The digital skills gap is ever-growing. At its current pace, technology is outpacing human skills, causing a gap in the skills demanded and supplied by the job market. In the future of jobs, employers require you to know an ever-growing number of new and ever-changing fundamental skills in order to use the technologies they have implemented.
Meet VOCALLS, the Voice-first Contact Center AI prioritising rapid value delivery and ease of use. This platform is built upon an in-depth understanding of telephone systems and contact centers to automate repetitive tasks, assign more complex tasks and empower agents to be more effective.
South African packaging giant Nampak suffered a data breach on its systems last week. “An unknown third party gained access to its IT systems, notwithstanding the company’s robust and embedded security protocols,” Nampak stated. Nampak said it immediately took the necessary steps to contain, assess and remediate the incident.
Lockbit, a notorious cybercrime gang which holds its victims’ data ransom, has been disrupted in a rare international law enforcement operation.
The operation was run by Britain’s National Crime Agency, the US Federal Bureau of Investigation, Europol, and a coalition of international police agencies, according to a post on the gang’s extortion website.
Chinese and US researchers show that new side channels can reproduce fingerprints to enable attacks and have outlined an interesting new attack on biometric security.
PrintListener: Uncovering the Vulnerability of Fingerprint Authentication via the Finger Friction Sound [PDF] proposes a side-channel attack on the sophisticated Automatic Fingerprint Identification System (AFIS).
A well-known Pretoria chef lost nearly R600,000 after thieves stole his phone. Fortunato Mazzone, who co-owns the Forti Grill and Bar and his chef patron at the Forti Bistro and Forti Too, posted about the experience on Facebook on Monday, 12 February 2024.
The Adventures of CISO Ed & Co attempts to highlight the everyday frustrations, heroism, and insights of CISOs and infosec teams while bringing some fun to the serious business of cybersecurity. We hope CISO Ed & Co. brings a grin as you go about your day. Compliments of Balbix
TRAINING, AWARENESS AND RESOURCING
Wolfpack Information Risk is a Proudly South African Beneficiary of the African Online Platform (AOSP) supported by Google.org.
Africa’s cybersecurity leader provides South African companies and communities with awareness capabilities to tackle the increasing dangers of advanced cyberattacks. Impact Amplifier launched the AOSP in South Africa. The platform provides a rich repository of research, education content, funding opportunities, and ways to seek help after an online crime.
OUR PARTNERS
Conversations with thought leaders on building cyber resilience: Why a cyber resilience culture must be a strategic priority. Andre Swart, Managing Director of Ziyasiza, invites Edwin Mpofu, Head of Cyber Defence of Wolfpack Information Risk, to talk about the urgent attention business leaders must give to building a culture of cyber resilience. Watch the video and read the conversation that follows.
If you are a South African senior manager, have you ever wondered about your risk exposure and the possibility of being held criminally liable for your ultra vires actions?
Well, the answer to this question — the inconvenient truth — is that you have probably not been informed regarding the “prescribed officer” provisions as set out in the Companies Act 2008 and its regulations.
Section 66(10) of the Act states that the responsible Minister may designate the holders of certain positions within the company as ‘prescribed officers’. These are persons who, despite not being directors of the company, “exercise, or regularly participate to a material degree in general executive control over and management of the business, or a significant portion of the business and activities of the company (Reg.38)”. By implication of these provisions, it covers a broad range of people which generally includes all executive members who are not board members, senior management, the company secretary, head of operations, finance, marketing executives and similar posts. The ‘inconvenient truth’ is that all prescribed officers are treated as equals to directors, at least from a risk and liability perspective. Sections 75 -77 deal extensively with the conduct expected of prescribed officers; they are expected to comply with the same duties of care, skill, and diligence expected of directors.
This raises some critical questions:
- Have you been made aware of these legal provisions, and do you fall within the ambit of a prescribed officer?
- Have you been orientated in your fiduciary duties in the same way that directors have been orientated? (https://lnkd.in/dBhRkFiT)
- Do you enjoy the same protection directors receive against personal liability through D&O insurance cover? If not, why not?
- If your company has neglected this discussion, why is this the case?
- Does your company have a governance framework? How have you been included in the company’s governance framework, if at all? (https://lnkd.in/dy4d3NQc)
- Besides HR, what role does the company secretary fulfil in your leadership development, especially regarding your fiduciary duties?
It’s not surprising why CGF is called regarding a host of wide-ranging governance issues (locally and internationally), nor is it surprising to understand why many people who fall within the prescribed officer ambit are simply not told about these details.
Knowing matters!
OUR COMMUNITY
Save these dates for the AFFT 2024 Events
AFFT events are colour-coded, with yellow events being our campaigns (particularly suitable for schools and businesses), pink showing our fundraisers, green and blue highlighting our families’ programme, and red for our preschools.We invite you to save the date for the events you are interested in.
If you have been a victim of cybercrime, you may submit your scams, information and cases for investigation to osint@wolfpackrisk.com
Please share this newsletter if you have benefited from the content.
We look forward to hearing from you.
