SA loses R662m to cyber crime
South Africa lost R2.65 billon to cyber crime from January 2011 to August 2012, as cyber crime continues to enjoy exponential growth rates.
This was one of the major takeouts from the South African Cyber Threat Barometer 2012/13 report, which was conducted by local research firm Wolfpack Information Risk.
Presenting the findings of the report in Johannesburg last week, Craig Rosewarne, MD of Wolfpack Information Risk, pointed out that, of the R2.65 billion lost, about 75% was recovered.
"Based on the government's average recovery rate of 75% and similar case study recoveries, the estimated loss figure would be approximately R662.5 million," Rosewarne pointed out.
He also revealed that it is difficult to come up with a definitive figure that reflects the losses due to several factors.
"A large percentage of the incidents are not being reported to law enforcement or government agencies. Of the cases reported, an even smaller percentage actually make it to the courts, where successful prosecutions take place, and information is made available to the public domain."
He also pointed out that cyber crime cases are diluted with common law cases, and in most cases, prosecuted accordingly due to lax penalties on cyber laws such as the Electronics Communication Act versus heavier sentences obtained using common law.
"Lack of cross-industry collaboration and even intelligence sharing across key government agencies once again obscures the figure," Rosewarne noted.
According to the report, government suffered the biggest losses, losing R1.5 billion in the period.
The telecommunications sector came second, losing R1 billion, while the financial services sector lost R150 million.
"Bank customers, according to Sabric, reported related losses of R92.4 million in approximately 10 000 incidents reported industry-wide," Rosewarne pointed out. "A consecutive loss estimate based on other known incidents makes up the balance. With no other industry stats, this is considered to be the minimum loss for the sector."
He also noted that cyber crime is generally on the rise in SA. In its 2012 Norton Cybercrime Report, Symantec claimed that there are 556 million victims of cyber crime every year in SA. This is equal to 1.5 million victims every day, or 18 victims per second, Rosewarne explained.
He also noted that, according to Symantec, one in every 436.1 e-mails was considered malicious and carried a virus. On the other hand, one in every 340.9 e-mails contained malware attacks, marking a 0.023% decrease from June to July 2012. Some 2 189 malicious Web sites were blocked per day, an increase of 4.0% since June.
The report also states that, according to the 11th United Nations Congress of crime prevention and criminal justice, the South African government acknowledged that 341 organised crime groups are known to be operating locally.
Denial of service attacks, economic fraud and theft of confidential information were cited as main concerns for SA in the South African Cyber Threat Barometer 2012/13 report.
Top cyber services targeted are Internet banking, e-commerce sites and social media sites. "Criminals are typically mainly after log-in details, bank or credit card information, and personally identifiable information," Rosewarne explained.
"The most common attack methods are still phishing, the abuse of system privileges and malicious code infections."
Inadequate maintenance, monitoring and analysis of security audit logs have been cited as the most common vulnerability in most sectors in SA, the reports also notes.
It also cites user awareness as a serious issue, adding that some organisations are apathetic and only do the minimum to ensure compliance, while smaller businesses may have the perception that information security only applies to larger organisations.
The report also identifies the lack of a functional Computer Security Incident Response Team in SA as a major problem, as there is no centralised source of information to provide a clear view of cyber crime in the country.
It also urges the country to establish a National Cyber Security Training Academy to help address the need for information security professionals at the national level.
"Cyber security skills in SA are definitely in short supply, with digital forensic skills topping the list in all the sectors in SA. The second most scarce cyber security skill in SA are experienced incident handlers, who are able to respond to a variety of computer security incidents, such as unauthorised data access, inappropriate system usage, malicious code infections and denial of service attacks," Rosewarne explained.
In conclusion, he noted that government cannot combat cyber crime alone and key partnerships across multi-industries in SA, the African continent as well as internationally, are vital to SA's success going forward.