SouthAfrica is the third worst in the world when it comes to cybercrime attacks, according to findings by AT Kearney’s Information Security sector.
With 35.2 million South Africans predicted to be mobile internet subscribers by 2018, experts say cyberattacks are a big risk to people who are using mobile devices for financial transactions.
A Wolfpack Information Risk study last year found South Africa’s annual loss due to cybercrime is R2.65 billion.
The head of Strategic IT at AT Kearney South Africa, Cay-Bernhard Frank, said the estimated cost of worldwide cyber security ranged from $400 billion to $2.2 trillion, which is more than the GDP of South Africa – which was around $240bn (about R3 trillion) at the end of last year, according to StatsSA.
Frank said South Africans were also more relaxed about exchanging information on social platforms compared to countries like Germany, where there was strict legislation when it comes to information exchange.
“When you look at an application you install on a smartphone, you need to verify if it comes from a trusted source,” he said.
Dr Boris Piwinger, global leader of Information Security for AT Kearney, said sensitive data is increasing as the modern enterprise becomes progressively more connected and cybercriminals are turning to attack internet infrastructure.
He said that when it comes to gaining information from mobile internet users, it is usually a higher target market being reached despite the financial gain being smaller than infiltrating a computer system of a large corporation.
The fact that South Africa is a new market to the mobile internet sector also means that the sophisticated data protection is not always accessible or affordable.
“There is a huge growth in new mobile users who are not experienced in the way cyberattackers operate,” Piwinger said.
SA Banking Risk Information Centre chief executive Kalyani Pillay said some modus operandi that impact on banking customers include data compromises, which happen in several ways.
Pillay said it was important to ensure that computers and mobile phones have appropriate and updated security measures installed.