Pretoria - With more South African businesses and government institutions migrating to digital platforms, research by cyber security organisations has noted a growing need for a sustained national public awareness campaign to inform, educate and mobilise the public against a growing pandemic of cyber crime.
The African Cyber threat Assessment Report 2021 found that South Africa had the highest number of targeted ransomware and business email compromise attacks in Africa.
Similarly, the 2022 State of Email Security report, revealed that more than three out of every four South African organisations were receiving an increased number of email-based threats, with two-thirds bracing for the fallout from an email-borne attack.
Moss Gondwe, public sector director at Mimecast, an internationally based IT security firm, said Interpol data found that cybercrime cost the South African economy $573 million in 2016. An Accenture report five years later warned that South Africa had the third-highest number of cybercrime victims worldwide, at a cost to the economy of R2.2 billion a year.
Gondwe said 60% of local firms were hurt by a ransomware attacks in the past year, up from less than half in 2020.
The cost of such attacks could be devastating to the economy, he said, as a 2021 report found the average ransom payment by South African organisations was more than R3.2 million.
“The past few years we also saw several high-profile cyber attacks on private companies including a hospital group, credit bureau, public institutions and vital infrastructure, including the country's justice system, ports and several government departments.
“Sensationally, the matter received front-page attention after a hacker group threatened to release President Cyril Ramaphosa’s personal and private information publicly, proving that no person is safe,” Gondwe explained.
Efforts were under way to upgrade the country’s digital infrastructure and build resilience against cyber threats, he said, but a need existed to improve cyber awareness among the population.
“Nearly all successful cyber attacks worldwide are caused by human error. Clicking on an unsafe link or accidentally disclosing sensitive personal or financial information to a threat actor can lead to infected devices, being locked out of online accounts and even breaches of one’s online banking profile,” Gondwe said. A campaign must be launched to mobilise the public around safe online conduct.