In the past year more than half of South Africa’s firms were impacted by ransomware and total gross losses in digital banking in South Africa increased by 45%, while SIM-swop fraud increased by 63% in 2021.
SOUTH Africa continues to grapple with cybercrime, which is likely to increase in future with the country being ranked number six in the world in terms of cybercrime density.
This has been attributed to the era of digitalisation which has bred a significant increase in cybercrime, even while making people’s lives easier.
As a result of cybercrime, national government institutions, large corporations and small and medium sized businesses are at risk of financial and data loss, identity theft and cyber extortion.
Billy Petzer, research group leader in cyber security systems at the Council for Scientific and Industrial Research (CSIR), painted a bleak picture of continuous cybercrime attacks locally, saying the phenomenon costs the country at least R2.2 billion a year.
“As things stand at the moment we are not looking great,” he said during a virtual media briefing this week.
The country, he said, was the eighth most targeted country for ransomware and also had the most instances of business email compromise on the continent.
In the past year more than half of South Africa’s firms were impacted by ransomware and total gross losses in digital banking in South Africa increased by 45%, while SIM-swop fraud increased by 63% in 2021, according to Petzer.
Despite worrying estimates in cybercrime prevalence, he said, cyber-extortion, sextortion, cyberbullying often go unreported.
Recent cyber attacks experienced locally affected entities such as Transnet, Experian, Transunion, Life Healthcare, Shoprite Holdings, SA banks and several government departments.
Petzer said: “This is not a name and shame list. If we were to put all the organisations’ names and individuals, who had similar attacks recently, the list would be quite long.”
He explained that it was important to understand that South Africa was unique in terms of its complex socio-economic landscape.
For example, the country has the most unequal society in the world, has high poverty and crime and has a vulnerable population.
The country’s low levels of education, general population not being tech-savvy and few cybersecurity professionals contributed to its vulnerability to cybercrime.
Cybercrime, according to the World Economic Forum, is one of the 10 global risks for the future.
The forum indicated that the biggest cybersecurity risks for 2023 include identity theft, cyber extortion, financial data loss due to cyber attacks, attacks on critical infrastructure, geopolitical instability and cyber war, blackmail due to compromised personal data and falsified or stolen medical data.
Petzer said the country can expect a marked increase in attacks on government departments and for cybercrime to be marked as one of the biggest risks to business in the country for this year, 2023.
“SA businesses plan to spend 22% more on cybersecurity in the next three years,” he said.
The proliferation of ransomware is likely to continue, including an increase in cyber harassment, cyber extortion, sextortion and cybercrime against children.
He said cybersecurity was consistently ranked among the top most in demand fields in IT and technology and that 87% of local organisations do not have adequate cybersecurity skills.
As part of the solutions to deal with cybercrime, he suggested that concerted efforts needed to be made to increase the pipeline of cybersecurity professionals.
“Cybersecurity is not just technical. Soft skills for cybersecurity can come from fields such as economics, law, psychology, sociology, communications and media studies.”