Cyber experts have claimed the country was a fertile ground for cybercriminals to hone their illicit craft, with victims losing about R2.2 billion annually.
Professor Basie von Solms, director of the Centre for Cyber Security at the University of Johannesburg, said the country was the third hardest-hit nation in the world by cybercriminals.
“They know the country is ripe for the picking as most citizens are inept when it comes to cybersecurity. They are too unsuspecting, naive and trusting so they become victims but the issue is a lack of awareness around both the crimes and prevention,” he said.
Von Solms said the country was losing billions of rands to cybercriminals as many went on online onslaughts without repercussions.
“We have legislature like the Cybercrimes Act but that is a meaningless document without enforcement. There is not enough enforcement and for those like the Cybercrimes Unit at the Hawks, they are stretched far too thin. The country does not have enough forensic investigators so when a person reports that their identity and their money has been stolen there is a very low chance that they will ever regain either.”
According to SA Banking Risk Information Centre’s (SABRIC) Annual Crime Statistics 2020, the top issues were identity theft and phishing which was when emails and SMSs were disguised to look legitimate to manipulate victims.
Another cybercrime was vishing which was when a fraudster phones posing as an official from a bank or insurance company to get personal and confidential information. Compromised business emails were another issue where criminals illegally access accounts and communicate as though they are the actual user.
Sizwe Cakwebe, cyber risk manager at SHA Risk Specialists, said the cybercrime industry was worth about R184 trillion globally and with the country having the third-highest number of cybercrime victims, it lost about R2.2 billion a year.
“Cybercriminals are emboldened with new technology that makes data breach attacks easier and more accessible. As a whole, the cybersecurity landscape is getting a little Mad Max. We are all at risk of falling victim, just by the virtue of having a cellphone, laptop, desktop or online presence. It is not a matter of if but when and how bad.”
The Experian data breach in August 2020 was the biggest breach in the country’s history which exposed the personal information of about 24 million citizens, and 793 749 business entities to a sole suspected fraudster.
No financial data was compromised, however, personal information like consumer addresses, ID numbers, names, and occupations were leaked.
Cybersecurity expert John Mc Loughlin, chief executive of J2, said cybercriminals would continue as they illegally obtained troves of personal data and money due to a continued lack of cybersecurity.
“Our security response teams have been involved in far more investigations than before. This happens on a weekly basis and the victims are widespread. Cybercrimes are affecting small and large businesses and government agencies. Targeted ransomware remains popular. Criminals use malware to encrypt data in exchange for a ransom. These happen several times per day and I am aware of many who sweep this under the carpet and pay the ransoms to prevent it coming out into the broader public.”
Bethwel Opil, enterprise sales manager at global cybersecurity company, Kaspersky, said the pandemic was used by cybercriminals to hone their skills and test new methods.
“There has been a sharp rise in cybercrime of all kinds. New hacking groups came on the scene, and with them, new kinds of attacks. There has also been an increase in the number of professional cybercrime gangs. We are monitoring more than 200 cybercrime gangs that have launched hyper-targeted attacks against targets such as banks and governments. From January to June, we recorded 31.5 million cyberthreats targeting users and organisations in SA, an increase of more than three million attacks for the same period in 2020.”
In July, President Cyril Ramaphosa was discovered along with 14 world leaders to have been targeted by Pegasus spyware.
Ramaphosa along with French President Emmanuel Macron, Imran Khan the Prime Minister of Pakistan and Tedros Adhanom the director-general of the World Health Organization appeared in a leaked database of potential targets of the Pegasus spyware.
The Israeli spyware firm NSO Group sells surveillance technology to governments worldwide and the Pegasus spyware reportedly targets iPhones and Android devices allowing users to secretly access data or activate microphones and cameras.