South Africa’s cybersecurity inadequate
Following the COVID-19 pandemic and the Russian invasion of Ukraine, the world has seen an increase in cyber-related incidents and South Africa has not been spared. Despite an improvement in local cybersecurity legislation, the country is vulnerable to threats against its national security and commercial interests because of a lack of money and technical expertise.
The Council for Scientific and Industrial Research’s (CSIR) Billy Petzer says one of the reasons for the increase in cyberattacks since the pandemic is that many people moved away from more secure offices and networks to working from home where there was less security.
Petzer, the Research Group Leader in the Information and Cyber Security Centre, indicated that South Africa has become a very attractive target for criminals because of the high number of people who are online, many of whom are inexperienced internet users and often too trusting in cyberspace. He noted that individuals had become high-risk targets. Almost 60 percent of the country’s population is reported to be online.
To counter the criminals, he stressed the importance of training and awareness – saying many people relied too much on technology without being aware of the risks their actions pose, regardless of the security technologies they might have in place. He said: “I think training and awareness is failing the man in the street. People don’t know to ask the right questions. You can’t blame the man in the street that has not been exposed to the information they need to do that.”
Some good rules to follow include never giving your personal information to anyone who calls you on the phone or who sends you an email requesting your data; not accessing personal or financial data with public Wi-Fi; choosing apps wisely and not trusting links and attachments if you are not sure of the source.
Petzer highlighted fraud and identity theft as some of the main challenges facing the country as well as SIM swaps. He said: “These are all things we need to counter and work against. We are looking at efforts to counter fraudulent SIM swaps that is in the early stages, it is on our radar.”
SIM swapping takes place when people contact your mobile phone’s service provide and trick them into activating a SIM card that the fraudsters have. This enables them to have control over your phone number. Anyone calling or texting the number will contact the fraudster’s device, not your phone, making it easy to perform identity theft or intercept one-time-pins sent by banks.
While government and business had not invested as much as they should in cybersecurity, he said it was getting better. In the past, companies tended to spend less on security and would then have to spend more to fix the problem after a breach. “I think the awareness is growing. The government is placing a lot of emphasis on it – we can see that through a lot of the legislation that is coming out like the Protection of Personal Information Act (POPIA) and the Cybercrimes Act. We are moving in the right direction, but it’s a slow, complex machine to turn around”, he said.
The impact of cyberattacks on business was clearly illustrated when Transnet declared a force majeure at the country’s ports and container terminals after its systems were hacked in July 2021. In September last year, court systems across the country collapsed after the justice department suffered a ransomware attack on its IT systems.
One of the challenges facing South Africa that Petzer pointed to, was a huge lack of skills in cyber security. He said: “I think universities need to lower the bar of access for people to become certified in cyber security. At the moment there aren’t really any formal degrees for cyber security. Usually, people would have to study for a full engineering degree or an IT degree and then they would have to specialise in cyber security by obtaining additional certifications and experience. At the moment it takes up to eight to ten years to become a skilled cyber security professional, but at the same time technology and threats are evolving rapidly.”
Outlining the CSIR’s work in the field, he explained that his section fell under the Defence and Security Cluster and they focused on cyber security across the entire spectrum which included training and awareness, skills developments, as well as the development of policies and what to do in specific situation, for instance if someone’s personal information is leaked.
Petzer said they also test systems to identify weaknesses and then make changes to counter this. These are the white hat hackers – as opposed to the black hat hackers, who access systems illegally with malicious intent. The CSIR’s team also innovate and develop local solutions and security layers to monitor networks and pick up attacks as they occur. Often, he said attacks are only detected long after the breaches have taken place.
South Africa is ranked among the top ten countries in the world that reported the most cybercrimes to the US Federal Bureau of Investigation in 2020 and 2021. Research by the global cybersecurity company, Kaspersky, indicates that between January and April this year, ransomware attacks in South Africa doubled compared to the same period last year.
According to a Forbes article, in 2021 the average number of cyberattacks and data breaches across the world increased by 15.1 percent from the previous year.
Looking ahead to the future challenges facing the country, Petzer said each generation experienced different challenges and tended to be vulnerable to different tactics as the understood and interacted with technologies differently. He noted: “Millennials and Generation Zs tend to fall for sextortion scams. (The US-based Pew Research Center has defined Millennials as those born between 1981 and 1997 and Gen zs as those born between 1997 and 2015). They are more comfortable sending intimate pictures of themselves. The challenges to be faced by the generation after that, who knows?”