South Africa is one of the "top ten" countries with the highest percentage of compromised computers in the world, an international expert on cyber theft said in Durban.
The world was changing and a broadband revolution was now taking place in South Africa, and just like other countries, it was just as vulnerable to cyber attacks, online extortion or unsolicited spam as any other country.
For the rogues involved in organised crime don't care where you live and could harvest information from home and office computers - and people might not even know it had been done, said Ed Gibson, a former FBI special agent.
"Your broadband is coming alive, but that also means you have got to be alive," he said.
Gibson, who is now a director of forensic technology solutions with PricewaterhouseCoopers (PwC) in Washington, DC, was speaking about electronic espionage and the risks facing businesses from cyber attacks, at a breakfast briefing organised by the Durban branch of PwC at the Inkosi Albert Luthuli International Convention Centre.
As PwC's global face of cyber security and online business risk issues, Gibson helps organisations prevent, investigate and recover from economic espionage, complex money laundering, cyber fraud schemes and intellectual property theft.
A cyber trailblazer and an expert witness in white collar crime and money laundering cases, he was the first FBI agent to use the US Patriot Act for emergency requests for international cyber investigations involving terrorism, kidnapping, extortion, blackmail and crimes against children.
He was also a lead instructor in the FBI's first asset forfeiture and money laundering training for agents.
Later, on a high-profile posting to the US Embassy in London, his work with a Welsh police force resulted in the first international arrest and conviction of a cyber hacker.
He was then head-hunted by Microsoft in the UK and was their chief cyber security advisor before joining PwC.
Gibson told his Durban audience that many chief executives around the world had told him cyber theft would never happen to them.
South African businesses targeted by extortionists generally received e-mails - sometimes from people they knew - telling them their computer systems were under the extortionist's control.
And they usually paid up too, because, just like major companies around the globe, they wanted to hide the fact that their computer systems had been compromised.
They could call in experts later to address the situation, but Gibson advised that prevention was always preferable.
He also warned against ignoring messages about upgrading computer systems, because these could become vulnerable to hacking.
Microsoft did an upgrade every second Tuesday, and if users did not take this up, their computers could be compromised in less than an hour, he said: "It's as simple as that."
He also warned about a spam e-mail doing the rounds in South Africa, telling people that about R40 000 had been deposited into their bank accounts. But the moment someone clicked on this message, his or her computer would be compromised, he said.
Globally, the biggest money-maker was not pornography, as many would imagine, but e-mail advertisements telling people that their computers had been compromised and that they should download certain software to address the problem. Of course, they had to send their credit card details, and maybe even their home address.
Organised crime could not move the money fast enough from this scam, which was making more than $1-million (about R7-million) a day.
Meanwhile, South African police who daily deal with Internet fraud could be getting further forensic training from global experts, said Gibson,
"Issues will be covered that will be very beneficial in the investigation of fraud cases," he said.
Meanwhile, PwC's director in Durban, Trevor White, who is responsible for forensic services in KwaZulu-Natal and Swaziland, said in an interview that cyber-related crime represented a "huge amount" of the company's work.
These involved ex-employees of companies who stole information from their bosses before starting up their own businesses, or stole client address books before going to work for a competitor.
Several methods were used to steal the data, but investigators were able to work out what information had been taken, he said.