gapp awards gallery banner

What makes South Africa a target for cybercrime and what actions can be taken?

As per INTERPOL’s African Cyberthreat Assessment Report 2022, a total of 230-million cyberthreats were detected in South Africa, out of which 219-million or 95.21% were email-based attacks. What’s worse is that the nation is already suffering from an alarming 100% increase in mobile banking application fraud and is experiencing on average 577 malware attacks every hour.

But what are the loopholes in South Africa’s cybersecurity system that bad actors are taking advantage of?

There are 3 primary things that make South Africa particularly susceptible to cybercrime.

1. Poor investment in cybersecurity systems

Compared with other nations, South Africa has comparably weaker cyber defence systems in place. High poverty rate, inequality, low employment rate, shortage of skilled labour and the struggle to keep up with the sophistication and number of cybercrimes are some reasons that count towards the nation’s struggle to combat online attacks.

Although there is a recognition for the need for more stringent cybersecurity systems, a shortage of funds and skilled tech workforce can often impede efforts.

2. Lack of awareness

Not only is there a lack of training but the rapid transition to remote work culture has increased exposure, giving a breeding ground for cyberattacks to take place both in and outside the office, and against both personal and business devices. 

3. Antiquated laws and poor law enforcement training

Hackers take advantage of the fact that cybercrime legislation and training for law enforcement are weak in developing countries. Although South Africa’s Cybercrime Bill was adopted as law in 2021, it still lacks proper training for many cyber police.

‘It has been acknowledged that South Africa is often a target for cybercrime and is amongst the highest cyberattack regions in the world. General opinion will tell you the lack of investment in cybersecurity has been, and remains, a problem which contributes to making South Africa an attractive place for cybercriminals. Another challenge that is a problem worldwide, and even more prevalent in this region, is the availability of technical resources from a support and analytical perspective.’ – Rob Griggs, Regional Managing Director at SecurityHQ SA and John Taylor, Regional Sales Director at SecurityHQ SA. 

Real-life examples of cyberattacks in South Africa

In October 2021, hackers hit the City of Johannesburg with a network breach. As a precautionary step, key government e-services were halted. The hackers demanded a hefty ransom of R500 000 South African Rand or USD 37 000.

Around the same time, a chain of DDoS attacks was launched against multiple banks in South Africa, including Standard Bank and ABSA. Hackers launched the attacks on payday, which significantly delayed pay checks. Much like in the attack against the City of Johannesburg, malicious actors again demanded ransom in Bitcoins.

In February 2022, a highly sophisticated ransomware attack was attempted against internet service provider RSAWEB. The company discovered the attack in time and contained it, followed by restoring services to customers. RSAWEB claims that no customer data was accessed or exploited by threat actors. They were lucky, but many organisations throughout South Africa are targeted every day with ransomware attacks.

How to enhance cybersecurity at both personal and organisational levels?

Threat actors are becoming more sophisticated with their techniques. As a result, new tools, vulnerabilities and attack vectors surface daily, but following a few best practices can help avert cyberattacks. 

– Access only HTTPS websites

HTTPS websites are secured. A padlock sign in the URL bar indicates that the connection between your web browser and the website server is encrypted. It protects you from eavesdroppers or hackers intending to intercept communication between your browser and website server.

– Keep your software and devices updated

Updated and patched software and devices are fuelled with updated codes that are capable of combating newly discovered tactics and procedures. Do not overlook update notifications. 

– Implement a firewall

A firewall uses a set of updated rules to spot and block malicious traffic. Firewall is your first line of defence against malicious and anomalous activity. It is a crucial element that keeps out dangers, controls and monitors activity, accepts, rejects and drops access.

– Regular and high-quality backup

A regular and clean backup can mean a vital difference to securing your information in the event of a ransomware attack. Follow the 3-2-1 backup rule, whereby you make three copies of data, stored in different locations.

– Scan and monitor

Daily scanning and monitoring for malware, vulnerabilities and other issues are required. This is the only way to be aware of security issues targeting your data, people and processes.

– Invest in email authentication

Email authentication protocols add another level of security to your daily operations. You can choose how recipients’ mailboxes should treat emails failing authentication checks by setting policies.

Previous Article
Next Article

NEWS