Insight into the cyber threat landscape in South Africa
May 27, 2020
May 27, 2020
As use of technology, the Internet and smartphones grows in South Africa, so does the attack surface and the opportunity for cyber threat actors. In 2019, South Africa saw a cross-industry spike in cyberattacks. iDefense, an Accenture security intelligence company, identifies the reasons for these attacks and how businesses and consumers can defend against them.
As an increasing proportion of the population begins connecting to the Internet for the first time, this inexperience paired with increased exposure is a potent combination that cyber criminals try to exploit.
The scale of the problem is significant—the country has the third-highest number of cybercrime victims worldwide, losing approximately R2.2 billion (US$147 million) a year to cyberattacks. This paper looks at some of the major incidents occurring in 2019, the emerging trends and insights, and the actions businesses can take.
South Africa experienced a cross-industry spike in cyber attacks in 2019. The following facts and figures, taken from a variety of sources over the past 12 months, indicate the scale of the problem:
22%
In malware attacks in South Africa in the first quarter of 2019 compared to the first quarter of 2018, which translates to just under 577 attempted attacks per hour.
79.5%
Card-not-present (CNP) fraud on South African-issued credit cards, making it the leading contributor to gross fraud losses in the country.
100%
Increase in mobile banking application fraud.
Threat actors may perceive South African organisations as potentially having lower defensive barriers than those more developed economies. They may also think they face a lower chance of incurring consequences for their malicious activity. That’s because there is low investment in cyber security and developing cybercrime legislation in South Africa. Threat actors are taking notice.
iDefense recommends a number of actions. These include making use of security and threat intelligence, protecting against internal threats and people-based attacks, and focussing on compliance—applying standards and best practices.
It’s time to get serious about defending your business and protecting your customers against cybercrime.