It’s estimated that by 2021 the global cost of cybercrime will be a staggering
$6 trillion per year, and, according to the IBM 2019 Cost of Data Study, data breach costs in South Africa have significantly increased from 2018, reaching R43.3 million in 2019.

During the same period, more than half of data breaches in South Africa were caused by malicious or criminal cyber-attacks, so it’s no wonder that cybersecurity has become a major concern for governments and citizens alike. However, looking at these numbers, it appears that not enough is being done. South Africa – along with the African continent in general – lags behind when it comes to proactive cybersecurity  protection. We look at why it’s so important, and what the South African government is doing to address this scourge.  

Why cybersecurity is vital

People used to think that cybersecurity was restricted to the IT department or state intelligence, but times have definitely changed – not only is it the concern of large corporations and government, but it’s a major problem for individual citizens, too.

Personal devices such as laptops and smartphones contain sensitive information which cyber-criminals may use to their advantage. Living in today’s advanced and ever-changing digital era means that private information is more vulnerable than ever before. Remember, Wi-Fi as we know it became popular in 1997, and the iPhone was launched in 2007; the proliferation of these technologies has allowed us to easily access the internet, even on the go, yet this ease of access to the World Wide Web comes at a price, as it has opened up citizens, governments and organisations alike to all kinds of cyber-threats.

Any device or system that links up to the internet (or that even connects to another computer) is compromised when it comes to potential security breaches. Devices and systems that can be vulnerable to attack and breaches include:

  • Personal communication systems such as emails or SMSes
  • Transportation systems: traffic control, car GPS, aviation navigation systems
  • Smart devices like light bulbs and voice assistants
  • Financial systems
  • Medical records
  • Systems linked to educational institutions
  • Government databases such as tax information

A major security breach will have significant consequences, and it happens on a large scale too: according to cyber-analytics firm Kaspersky Lab, there are 13 842 cyber-attacks daily in the country. It also takes, on average, 279 days to identify and contain a breach in the first place, and the financial costs of a breach can be huge, along with the cost of reputational damage.

Common types of cyber-attacks

A cyber-attack is deliberate exploitation of computer systems, technology-dependent enterprises, and networks. Cyber-attacks use malicious code to alter computer code, logic or data, resulting in compromised data, which leads to cybercrime (such as identity theft, fraud, extortion, breach of access, and systems infiltration). Below are a few common types of attacks (but this list is by no means exhaustive):

Malware is malicious software such as spyware, ransomware, worms, and viruses. This type of breach occurs within a network via a vulnerability such as clicking on a link or email attachment which then installs the malware.

Phishing involves sending a communication that appears to come from a reputable source but is fraudulent, usually through email. The purpose is to steal sensitive information or to install malware on the victim’s device. Phishing is an increasingly common cyber-threat, and not even SSL certificates help – 58% of phishing sites used SSL certificates in Q1 2019.

Man-in-the-middle attacks take place when attackers enter into a two-party transaction and intercept communications (without either of the two parties being aware). Once the traffic is intercepted, the data is unencrypted and stolen. These types of attacks are either executed due to close physical proximity (via an unsecure Wi-Fi network, for example) or through malware.

Denial-of-service (DoS) attacks bombard systems, servers, or networks with traffic so that they crash. As a result, the system is unable to fulfil legitimate requests and attackers can hijack the system. Attackers can also use multiple compromised devices to launch this attack. This is known as a distributed-denial-of-service (DDoS) attack. 

A Structured Query Language (SQL) injection takes place when an attacker inserts malicious code into a server that uses SQL programming language; the attacker then manipulates the server to reveal information it normally would not. This type of attack can expose sensitive information like customers’ personal information and administrative credentials.

What is the government’s role in protecting citizens?  

Big business is usually well-equipped and has the resources to mitigate and respond to cyber-attacks, but the most vulnerable are ordinary citizens who may not even be aware of an attack. Governments’ primary and constitutional mandate is the protection and empowerment of its citizens.

In a quest to combat cybercrime, the South African government has tabled the Cybercrime Bill before parliament. Once it’s passed as law, the Act will allow the South African Police Service to act against cybercrime, and stringent security requirements will need to be adhered to when it comes to managing personal data for various institutions, especially banks, electronic service providers, and financial institutions.

The Bill also requires alignment between data protection Acts such as the Regulation of Interception of Communications and Provision of Communication-Related Information Act (RICA) and POPIA. Once enacted it’s hoped that the Cybercrime Bill will allow for robust action against cybercrime, as its predecessor, the Electronic Communications and Transactions Act, was criticised for being too broad, while RICA has been viewed as an infringement of the right to privacy. The Cybercrimes Bill itself was subject to intense public scrutiny due to privacy and freedom of expression concerns, but it has since been updated with a redaction of its problematic cybersecurity section.    

There’s still a long way to go, however, and challenges like a lack of resources, ICT skills, and the slow process of enacting laws all hamper the fight against cybercrime. The Cyber Exposure Index ranks South Africa sixth on the list of most-targeted countries for cyber-attacks, and government intervention is clearly needed, and fast: cybercrimes are both a threat to the economy and to citizens’ privacy.