By Amanda Visser

South African internet users have been described as “inexperienced and less technically alert” than users in other countries, exposing themselves to serious criminal activities.

The country has introduced cybercrime legislation well after most countries facing similar threats, and there has been a lack of investments into cybersecurity by the government, smaller firms and individuals.

A report by iDefense, an Accenture security intelligence company, shows that South Africa has the third-highest number of cybercrime victims in the world. The loss because of these crimes ranges between R2,2 and R2,45 billion per year.

Hackers have become more sophisticated, and although phishing, smishing and vishing remain constant threats, new tactics are surfacing all the time.

According to a cyber alert by the South African Police Service (SAPS), more and more criminals exploit the speed, convenience and anonymity of the internet to commit a diverse range of criminal activities that know no borders, either physical or virtual.

According to the police alert, the crimes can be divided into three areas:

• Attacks against computer hardware and software, for example, botnets, malware and network intrusion;
• financial crimes and corruption, such as online fraud, penetration of online financial services and phishing; and
• abuse in the form of grooming or “sexploitation”, especially crimes against children.

The Cybercrimes Bill was passed by parliament last year and creates new offences relating to data, messages, computers and networks involving hacking, the unlawful interception of data, ransomware attacks, cyber forgery and uttering, and cyber extortion.

The bill also grants law enforcement extensive powers to investigate, search, access and seize various articles, such as computers, databases or networks, writes Ridwaan Boda, Head of Technology, Media and Telecommunication, and Jessica Steele, Associate, at ENSafrica.

The bill further imposes a duty to report certain offences on electronic communications service providers and financial institutions within 72 hours. Failure to do so can lead to a fine of up to R50 000 on conviction.

“Importantly, the bill contains a section criminalising certain malicious communications,” Boda and Steele note. This includes messages that incite damage to property or violence, threaten persons with damage to property or violence, or discloses intimate images.

Anyone contravening these provisions can be fined or imprisoned for a period not exceeding three years or both when convicted.

According to cybersecurity analysts, ransomware attacks have been increasing in South Africa at an alarming rate. Cybercriminals hack a computer or an entire system, encrypt all the data and demand ransom to return the data. According to iDefence, ransomware is widely available for sale for as little as $100.

Niel van Rooyen, Head of Information Security at Vox, said earlier in a statement, “bad actors” can use “innocent questions” to acquire a lot of information to hack your data.

The use of strong passwords is crucial. Using the name of your dog, husband or child in your password may be easy to remember, but it also exposes you to attacks.

Niel believes each and every employee who has access to the company’s systems must undergo a cybersecurity course. People need to be alert to the different cyberattacks to recognise them.

The SAPS provided the following important tips:

• Secure your computer by activating a firewall that will block connections to unknown or bogus sites and keep out many types of viruses and hackers.
• Use antivirus or malware software.
• Block spyware attacks by installing and updating antispyware software.
• Be social media savvy by checking your security settings.
• Protect your e-identity. Remain vigilant when asked for personal information, such as your name, address, phone number or financial information on the internet or during marketing calls. Make sure that websites are secure when making online purchases.
• Always think before you click on a link or file or email of unknown origin.

Photo: Caspar Camille Rubin (Unsplash)