As if 2020 wasn’t bad enough with a global pandemic that has brought most of the world to its knees, South Africans have experienced an insult to industry by having the third number of cyber crime victims. A report by Accenture shows that even though South Africa ranks 25th in the world’s population, its citizens experience 577 cyber attacks each hour.
One of the biggest reasons that South Africa has been fraught with such an increase in cybercrime is due to the fact that South Africans have an increasing number of mobile banking applications every year. The malware attacks place malicious software on a technology device for the purpose of stealing money and personal information. The increase in the use of banking apps has contributed to the R2.2 billion in losses in South Africa due to cybercrime.
South Africa has been slow to adopt laws to fight cybercrime, and Accenture indicated that due to this factor, some criminals may be using South Africa as a kind of malware testing ground. In addition to the increase in attacks there has been a drastic uptick in discussions about South Africa on the dark web since 2016. Ransomware can be purchased on the dark web for around R1,700 ($100) so that even the most inexperienced criminals can take advantage.
“The increased focus on South Africa by cyber threat actors is due to interconnected factors such as lack of investment in cyber security, developing cybercrime legislation and law enforcement training, poor public knowledge of cyber threats – to mention a few,” says [Clive] Brindley,” [senior manager within the security practice at Accenture in Africa.]
But ransomware is only the tip of the iceberg when it comes to cybercrime. Many of the threat actors are gaining success in attacking South African high-profile internet service providers and even providers of electrical services with DDos attacks. In 2019 hackers launched a Ddos attack on some local banks and then demanded a ransom to stop the attacks of fake traffic.
Even with the billions lost in revenue, customer data, and reputation, many companies and groups haven’t bothered to invest in cyber security efforts. Add to this the fact that there continues to be poor public education on cyber threats and lack of law enforcement training, and it has placed South Africa in a tenuous and vulnerable position for cybercrime.
Although PoPI (the Protection of Personal Information Act) was put into place in 2013, it has been slow to implement. The Act is intended to make businesses have minimum requirements for maintaining/processing personal information and require that third parties be notified in case of a potential breach. Unfortunately, too many in all facets of South African life have continued to put their heads in the sand to ignore the elephant in the room that is cybercrime. The results of this condition has been financial and personal loss and the time has come for companies to lead the way in making the changes that are needed.
“DaVinci Forensics has been on the frontlines of education, analysis, and recommendations for businesses and individuals to not only be aware of cybercrime, but to take actions to protect their proprietary information as well as customers from breaches and theft.”
– Sharon Knowles, CEO DaVinci Forensics