Picture: Shutterstock
Cape Town - The cost of cyber security protection and the lack of cyber expertise were some of the reasons why small-and-medium companies in South Africa were becoming increasingly susceptible targets for cyber crime syndicates.

Professor Basie von Solms, the director of the Centre for Cyber Security in the Academy for Computer Science and Software Engineering at the University of Johannesburg said cyber criminals were skimming South Africans of between R2 billion and R3 billion a year.

“I believe that better cyber security defences will bring down corruption and fraud, and will improve service delivery in this country, however, the insider threat is very big, and companies must not only fight the criminals coming from outside, but also those inside,” Von Solms said.

The 13th UN Congress on Crime Prevention and Criminal Justice held in Qatar in 2015 concluded that cyber crime affected more than 431 million adults worldwide and siphons off more than $3 trillion a year from the global economy.

Pieter Erasmus, an IT security strategist who works with Moyo Business Advisory, said the threat of cyber attacks was far bigger than most corporate executives realised.

“The biggest problem remains ignorance and these are the individuals who pose the biggest threat.

“Through so-called social engineering they can be tricked into disclosing passwords and other valuable information without even realising that they had compromised the company’s integrity,” Erasmus said.

Read also: Cyber crime bill crucial but also vexed

He said unscrupulous human behaviour was a big risk facing organisations.

“One of the biggest challenges was the internal security threat posed by employees who either had an axe to grind, or who wanted to help themselves to company funds.”

According to the Global Economic Crime Survey 2016 conducted by PWC, nearly 32 percent of South African organisations have experienced cyber crime, and the number was growing rapidly.

The SA Banking Risk Information Centre estimates that the country loses R2.2 billion to internet fraud and phishing attacks annually.

According to the Global Fraud Report, an annual publication by Kroll, sub-Saharan Africa had the third highest exposure to incidents of cyber fraud in the world.

“We are now dealing with top-tier organised crime syndicates and nation states like China, Russia and North Korea who will go to any length to penetrate systems,” said Erasmus.