South Africa is a high risk country for cybercrime and a hotspot for cyber criminals. As electronic data and information are among the most important assets in your business, it is important to have adequate protection against potential cyber-attacks.
Cybercrime, which includes the theft of personal data, copyright infringement and fraud, has surpassed illegal drug trafficking as a criminal money maker. More than 8.8 million South Africans were the target of online or cybercrime last year. Without a sophisticated security package, your unprotected PC can become infected within four minutes of connecting to the Internet. Ignorance and naivety of staff may also leave you exposed to criminals.
To stop cybercrime and improve online security, the new Cybercrimes and Cybersecurity Bill was tabled in Parliament on 22 February 2017. Seeking to protect the confidentiality, integrity and availability of computer data and systems, the Bill defines over 50 offences as well as the penalties for transgressors.
In spite of legislation against cybercrime, this criminal activity persists, and presents many risks and consequences for you and your business. These include the risk of sensitive and confidential client information being leaked, and the risk of unauthorised, external access to the personal and financial data of employees, clients and third parties.
Other risks of cybercrime include system unavailability and downtime, your business being held to ransom, loss of revenue and/or data, reputational damage and costs associated with reducing the impact of a breach, loss of competitive advantage, industry and regulatory fines and penalties, and litigation arising from compromised data.
There are steps you can take to protect yourself, staff, clients and your business against cybercrime. These include:
- Education – By educating yourself and your staff about Internet scams and how to avert them, you stay one step ahead of cybercriminals.
- Use a firewall – Firewalls monitor traffic between your computer or network and the Internet, and serve as a great first line of defence to keep intruders out. Be sure to use the firewall that comes with your security software.
- Click with caution – Do not to click on links in messages from people you do not know. The link could take you to a fake website that asks for your private information or it could download malware onto your computer. Even if the message is from someone you know, be cautious. Look out for signs that a message is illegitimate.
- Practice safe surfing – When navigating the web, take precautions to avoid deceiving websites that ask for your personal information and pages that contain malware. Use a search engine to help you navigate to the correct web address, as it corrects misspellings.
- Practice safe shopping – Be careful where you shop online, especially on sites where you are shopping for the first time. Look for a trust mark, such as McAfee SECURE™, to tell you if the site is safe. On payment pages, look for the lock symbol in your browser. Click on the icon to ensure the security certificate pertains to the site you are on. Also check the address bar to see if the site starts with https:// instead of http://. When paying online, use a credit card instead of a debit card. If the site is fraudulent, your credit card issuer may reimburse you for the charges, but after a debit card payment, your money is gone.
- Use comprehensive security software and keep your system updated – This can protect you from all risks. Keep your security software up to date by selecting the automatic update function in your control panel. Remember to perform regular scans.
- Update your operating system – Ensure you update your operating system (OS) and browser with the latest security patches. If you are a Microsoft Windows user, enable automatic updates to keep your OS safe.
- Secure your wireless network – Hackers can access data while it is in transit on an unsecured wireless network. You can keep hackers out by enabling the firewall on your router and changing the router’s administrator password from its default password.
- Use strong passwords – Short passwords that reference your birthday, middle name or pet’s name make it easy for hackers to access your data, so choose a password that is at least 10 characters long and combines letters, numbers and special characters. Changing your password periodically reduces the likelihood of it being compromised.
- Backup your data regularly – This ensures you still have your data if anything goes wrong. Monitor your accounts and credit reports to make sure a hacker has not stolen your information or identity.
- Cybercrime cover – A good cyber-insurance policy needs to cover first party expenses, taking into account the costs of re-collecting and replacing data, as well as the expenses related to employee overtime, rented external equipment and services. Additionally, the policy should cover loss of business income, the notification expenses incurred to comply with privacy legislation, any crisis management expenses and possible regulatory fines and penalties.
- Always check information – Do not accept that emails from clients are valid. Rather phone clients to confirm their emailed instructions are authentic.
Effective protection against cybercrime can be achieved by educating all staff on the risks inherent in cyberspace and the fundamental rules that make financial transactions and social media activity safer. Enrol now for the Masthead Cybersecurity Online Course and learn how to protect yourself and your business from cybercrime. Click here to find out more.
Cybercrime in South Africa
South Africa is a top target for cybercrime in Africa and ranks among the top five African countries with the highest number of active malicious IP addresses. South Africa reportedly has the third highest number of cybercrime victims worldwide.
In May 2017, South Africa was also affected by the biggest global cyber attack, WannaCry ransomware. This message popped up on computer screens that were attacked by WannaCry ransomware.