SA cyber threat barometer released
SECURITYBy BiztechAfrica - Sept. 28, 2012, 9:11 p.m.
With over R2.6bn stolen in cybercrimes in SA in the past 18 months, a new report maps out the biggest cyber threats in the country.
The 2012/13 South African Cyber Threat Barometer was released by IT security firm Wolfpack Information Risk in Johannesburg today. Wolfpack Managing Director Craig Rosewarne said the report was the result of extensive research into the cyber threat landscape in South Africa.
“The report is intended to provide ongoing insight to support the Cabinet’s recently-approved National Cyber Security Policy Framework,” he said, and was researched and compiled with the support of the British High Commission.
Rosewarne said while the true cost of cyber crime was difficult to assess, conservative estimates showed that over R2.6 billion rand had been stolen in cyber crimes in the country in the past 18 months. With a recovery rate of up to 75%, much of the stolen money had been recovered, but the impact and additional costs of cyber crime were far greater than this, he noted. Relatively few cyber crimes are reported and successfully prosecuted in SA, Rosewarne said.
The report warned that the African continent as a whole is particularly vulnerable to cyber security threats. With cheaper and faster internet, more Africans will be ‘always on’ or continually connected, increasing the number of ‘new’ internet users who are not security-savvy, it said.
Rosewarne noted that cyber crime threatens everyone, and called on the public and private sector to work together to combat it. He said key issues identified in the research included poor threat management, with inadequate maintenance and management of audit logs; the lack of a national Computer Security Incident Response Team (CIRT) in SA and a lack of deep technical skills. He added that archaic processes and a lack of information security skills in law enforcement agencies made reporting and prosecution in cyber crimes difficult.
Collaboration between the public and private sector, specialised training and the establishment of a CIRT were among the recommendations made to combat the threats.
Stakeholders in key sectors were polled on what they saw as the greatest potential threats to their industries. The threat of denial of service (DoS) attacks and the unavailability of ICT were cited as the highest potential cyber threats against government and financial sectors and were ranked high in the telecoms sector.
Intrusions and economic fraud were ranked as the second-greatest cyber threats in SA.
On the question of what are seen as the services most likely to be targeted by cyber criminals in SA, respondents said internet banking, e-commerce web sites and social and entertainment web sites were likely targets. Respondents in government felt that critical information infrastructure was also at risk.
MORE SECURITY NEWS
Corporate cyber security threats of the year91% of organisations polled suffered a cyber-attack at least once in the past year, says Kaspersky Lab in its security review of 2013. Read More
Managed security services grows in EMEAThe managed security services market in EMEA is experiencing rapid growth as the proliferation of targeted cyber attacks compel organisations to turn to MSS providers for their security needs, says Frost & Sullivan. Read More
Expert predicts ‘doom’ for corporate GhanaA cybercrime expert has warned that urgent steps must be taken to address the ‘incessant cybercrimes' impacting corporates in Ghana. Read More
Q3 2013 sees alarming growth in data threatsThe third quarter of 2013 was a turning point for malware writers specialising in mobile platforms, says Kaspersky Lab. Read More
Fortinet illustrates need for real world firewall testingSecurity solutions firm Fortinet has illustrated the significant difference in performance achieved by various Next Generation Firewalls under real world conditions. Read More
Cyber Security Africa to host the 2nd East Africa IT & Cyber Security ConventionAfter the success of the inaugural East Africa IT & Cyber Security Convention last year, the global event series for heads of ICT and security enters its second year. Read More
New guidelines for securing card dataThe international PCI Security Standards Council (PCI SSC) has published version 3.0 of the PCI Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA-DSS). Read More
ARM, NetClean partner to stop child abuse contentSpecialist security distributor African Risk Mitigation (ARM) has partnered with NetClean in the fight against the proliferation of child sexual abuse images across Africa. Read More
Have you been breached?Given that recent research has revealed that the average advanced persistent threat lurks on a business network for hundreds of days before it is discovered, how do businesses tell that their network has been compromised? Read More
FEATURED STORYGaming app introduces investors to trading
A new virtual stock market app is equipping would-be investors with the skills they need to trade.
BEST READ NEWS
IN DEPTHCorporate cyber security threats of the year
91% of organisations polled suffered a cyber-attack at least once in the past year, says Kaspersky Lab in its security review of 2013.