/ 23 October 2013

Cybercrime ‘national crisis’ costing SA R1b a year

South Africa had proven to be a particularly fertile ground for cybercrime.
South Africa had proven to be a particularly fertile ground for cybercrime. (Reuters)

The FBI in the United States listed South Africa as the sixth most active country where cybercrime took place.

Informal consensus within the private sector saw South Africa ranked third, behind Russia and China, head of business crime and forensics at Werksmans, Dave Loxton told reporters in Johannesburg.

In two to three years it was estimated that the proceeds from cybercrime would outweigh those from all other forms of crime combined, as it had grown exponentially and would continue to do so.

Cybercrime is any crime involving a computer or the internet.

South Africa had proven to be a particularly fertile ground for cybercrime due to it being a "lawless society", with cybercrime syndicates knowing that law enforcement was "paper thin", with low chances of being arrested and successfully convicted, said Loxton.

It was rare that cybercriminals were individuals, with syndicates operating almost like businesses.

Drug running, human trafficking
Cybercrime was linked to other illegal activities such as drug running and human trafficking.

Comparing the FBI's cybercrime enforcement to that of the South African police was like comparing "chalk and cheese".

"We are generally dealing with highly intelligent, sophisticated people … it is a national crisis," Loxton said.

"The syndicates find it quite easy to operate in South Africa due to a lack of resources."

The government and private sector needed to first recognise that there was a problem, and following that, throw resources into combating cybercrime, said Loxton.

Citizens needed to recognise the threat of cybercrime existed, and use common sense.

Loxton also added that government needed to train police and prosecutors to know how to successfully investigate and arrest cybercriminals, and to explain prosecuting cybercrime before a judge.

The private sector needed to have the necessary skills in-house to deal with potential threats, and implement policies to reduce their exposure.

Employees bringing their own devices to work was a potential security threat, and this needed to be taken into consideration.

The Norton security firm stated that around $110-billion was lost worldwide due to cybercrime.

Facebook accounts compromised
"It started off with guys hacking for fun and people started realising they could make a fortune … suddenly the whole industry changed," he said.

One of the new trends people needed to be aware of was the abuse of social media.

Around 600 000 Facebook accounts worldwide were compromised daily, while 1.5-million people became victims of cybercrime daily, broken down to 18 people per a second.

"The big concern is that the compromise is taking place due to lack of common sense," Loxton said.

​Using simple passwords based on birthdays, surnames and other information easily available to cybercriminals needed to be avoided, as criminals knew that people chose passwords that were easy to remember.

"The software [to crack passwords] is there. One needs to have strong, strong passwords," he said.

While people made sure they had internet security and anti-virus software on their computers, smart phones, tablets and other mobile devices used for social media, business and communication were being neglected.

Often those buying a new smartphone, as an example, would ask about the screen size, but not about its security features.

The cloning of Facebook accounts was in a way as or sending money to cybercriminals posing as friends.

Loxton said South Africa's banking sector was "superb", as the major banks had strong internal forensic services.

The problem lay with the customers.

"I think our banks our superb. They can't answer to their customers that are stupid, to be blunt," Loxton said.

"The advice is there … they can't protect customers from themselves. You can't protect people from their own greed and foolishness." – Sapa