It appears that Liberty was hacked through a compromised email which is notoriously difficult to secure, says Dominic White, Chief Technical Officer at cybersecurity consultancy SensePost.
"Imagine if you had to complete a one time password every 15 minutes for your phone to automatically pull email," White told Business Insider South Africa.
"[Emails and public wifi] also makes monitoring hard: thousands of users coming from hundreds of networks don't leave an easy way to spot a careful malicious connection."
Liberty clients' data were breached by a third party on June 14.
The hackers demanded an undisclosed amount of money to halt the release of the information onto the "dark web", but Liberty said it had not made any payments thus far.
White gave Business Insider South Africa a list of four ways corporates can protect themselves against a Liberty-style hack:
“A quarterly or bi-annual archiving from online servers to backups is a tough policy, but can limit the total size of mail,” White says. This can limit the exposure to unsecured emails.
When users log in with a password, companies can set up additional automated interactions for users to log in. “This is already standard functionality in both Gmail and Office365,” White says.
Especially if you are using additional or third-party mail filters or storage solutions, make sure administrative access to those is carefully controlled. “Long, unique passwords, limited access from outside the organisation. Two Factor Authentication should all be considered.”
For highly sensitive communication, White suggests companies make use of S/MIME, a kind of encryption. “ It's not an easy solution, but for regular confidential mail, it can hide it even from an authenticated attacker,” he says.
Receive a single email every morning with all our latest news: Sign up here.
Also from Business Insider South Africa: