In December the Postbank lost R42 million to hackers. Afterwards experts called for a new cyber policing strategy. After 20 years on the Internet I did not know we had a cyber policing strategy in place. During 1997-2003 I worked for major Internet Service Providers and three banks running their IT Security. If South Africa has a national cybercrime strategy, it’s time we know more about it.
Professor Basie von Solms, from University of Johannesburg, warned parliament against internet fraud like the Postbank loss over the 2011 festive season. While I was direct of Computer Society South Africa, I was engaged with Prof von Solms and found him honest and direct. He said, while SA Police Service had highly skilled cyber specialists, there were not enough of them. There was no overarching policy to protect the security of SA’s interconnected computer networks.
Von Solms said a draft cyber security strategy was circulated in 2010 by the government but nothing further had been heard of it. Without a cyber policing unit with compliance inspectors, cyber crime and cyber terrorism would just increase. Most countries had a computer security incident response team that tracked global trends in cyber crime and virus attacks to spread awareness and propose measures to address them.
“We are allowing citizens to use the internet more and more but are not protecting them.” This reads like something from 1984 or Brave New World professor. Citizens needs education on safe use on the Internet. No amount of laws will stop stupidity.
He believed Parliament had an obligation to conduct oversight of the cyber security of government departments and other state entities. The failure to exercise this oversight was partly to blame, he said, for the debacle at the Postbank as no check had been made of its computer security system.
According to the annual Norton Cybercrime report, South Africa ranked #3 in the world. They estimate consumers lost close to $20.7 billion after falling prey to cybercrime including attacks, malware and phishing. The highest numbers of cybercrime victims were found in Russia (92 percent), China (84 percent) and South Africa (80 percent).
To reduce your risk we recommend the following:
- Study Internet Security Awareness Basics from Gideon Rasmussen
- Ensure your HR department talks to your IT department once a month about IT Security issues
- Ensure you make your staff, teachers and students (in school or university) sign an Internet usage policy.
For information on our new Internet Security Awareness workshop, contact our national office.