At its core, cybercrime encompasses a wide range of illicit activities that exploit vulnerabilities in computer networks, software and online platforms. These activities are not limited to lone hackers but often involve organised groups and even state-sponsored actors, such as reported cases of North Korea’s cyber espionage on the US. Cybercriminals target individuals, organisations or even governments.
The most common forms of cybercrime can be categorised as phishing, ransomware, hacking/identity theft and data breaches. The methods used are constantly adapting and getting more sophisticated over time. Let’s take a closer look at some of them:
- Phishing. In this scheme, cybercriminals impersonate trusted entities, such as banks or technology companies, sending fraudulent emails, messages or websites to deceive individuals into divulging sensitive information. Phishing attacks persist because of their relative simplicity and high effectiveness.
- Ransomware. Typically, infected emails and attachments are sent to random targets. If an individual clicks on an infected link or attachment from the email, this malicious software encrypts a victim’s data, rendering it inaccessible. The attacker then demands a ransom, typically in cryptocurrency, in exchange for the decryption key. Ransomware attacks have risen due to the potential for significant financial gain.
- Identity theft. Cybercriminals steal personal information, such as identity numbers, financial records or driver’s licence details to assume the identity of their victims. This information is often used for fraudulent activities, including opening accounts, making purchases and committing financial fraud. The consequences can include substantial financial losses and damage to one’s reputation.
The impact of cybercrime
The repercussions of cybercrime are far-reaching. Individuals can suffer financial losses, exposure to personal information and emotional distress. In contrast, corporations face significant financial setbacks, reputational damage, loss of intellectual property and potential legal issues. The 2021 Cybersecurity Risk Survey by Deloitte revealed that 40% of respondents experienced at least one cybersecurity incident in the past year, highlighting the pervasive nature of this ominous menace.
The scale of the issue
A study commissioned by the cybersecurity company Surfshark identified South Africa as the fifth-most affected country in the world in terms of cybercrime. The widely quoted figure of R2.2-billion lost annually to cybercrime in South Africa comes from a 2013 report by the South African Banking Risk Information Centre (Sabric). Reports from BusinessTech indicate a very concerning 356% increase in impersonation fraud between April 2022 and April 2023. In addition, a cybercrime report by Interpol discovered that more than 230-million cyber threats were detected in South Africa in 2021, the highest number on the continent. Some more startling statistics are that cybercrime is more profitable than the global drug trade, as well as costing more per year than all natural disasters combined. If it were a global economy (measured in GDP), it would rank as the third largest after the USA and China. Chart 1 illustrates how massive the scale of the problem is and how costly cybercrime will be in the coming years.
Chart 1. Estimated cost of cybercrime worldwide (in trillion US dollars) as of November 2022
Targeting critical infrastructure
It is essential to acknowledge that cyber threats transcend national borders. Cybercriminals operate on a global scale and trends in attack techniques and targets often cross geographical boundaries. Understanding these global dynamics is crucial for individuals and organisations seeking to elevate their cybersecurity defences. Cybersecurity has become paramount in safeguarding critical infrastructure, including pipelines, energy grids, water distribution and food-processing plants.
Notable global cybercrime incidents
- SolarWinds Hack (2020). A highly sophisticated supply chain attack compromised numerous US government agencies and private companies, with cybercriminals inserting malicious code into software updates for prolonged access to sensitive data.
- Colonial Pipeline Ransomware Attack (2021). This major fuel supplier in the US fell victim to a ransomware attack that demanded $ 4.4 million in cryptocurrency, leading to fuel shortages and economic disruption.
One of the most targeted sectors within South Africa is the financial services industry. This makes intuitive sense as the companies in this industry have access to confidential information and documents related to client information such as ID numbers, bank account details, etc. These are valuable details to be used by cybercriminals to perform their nefarious activities such as fraud, setting up false bank accounts and more. Think of all the emails and text messages you receive regularly from your “colleagues” or “clients”. These relentless attempts by cybercriminals aim to gain access to information from unsuspecting victims. Individuals can’t afford to let their guard down, as the consequences of a single lapse in concentration can be dire.
Here are some local examples of just how serious the consequences can be:
Notable South African cybercrime incidents
- A ransomware attack took down a R2-trillion investment administration company for five days: Even though the money was not at risk, the outage prevented the financial services provider’s clients from processing investment-related instructions or offering other services. Its asset management clients include Old Mutual, Sanlam Investments and Futuregrowth.
- Department of Justice hit with ransomware attack: The department said the attack led to all its information systems being encrypted and unavailable to internal employees and members of the public. All electronic services provided by the Department including issuing letters of authority, bail services, email and the departmental website were affected.
Countering cybercrime
Effectively countering cybercrime necessitates proactive measures, including:
- Maintaining strong cyber hygiene, such as regular software updates, strong passwords and two-factor authentication. Investing in cybersecurity software, encompassing firewalls, intrusion detection systems and antivirus solutions.
- Continuous education and training to empower employees and users with cybersecurity best practices.
- Implementing advanced threat detection systems and active network monitoring for swift threat identification.
Investing in the latest and most advanced cybersecurity programmes in the market is of the utmost importance. It is one of the best ways to combat potential risks. This is a high priority for global business leaders.
According to PWC’s 26th Annual Global CEO survey in 2023 which spanned 4 410 chief executives, cybercrime was highlighted as a greater potential risk than climate change and an equal risk to geopolitical conflicts over the next five years. It underscores how seriously top business leaders globally are taking this endemic problem.
Chart 2. PwC survey question: How exposed do you believe your company will be to the following threats in the next 12 months and five years?
Investment opportunities in cybersecurity
Some individuals have taken advantage of the investment case for cybersecurity and explored opportunities among the top companies within this sector, including Palo Alto Networks Inc., Fortinet Inc. and Zscaler Inc. among others. The need for and importance of these types of companies will increase.
Chart 3, also from the recent PWC Global CEO survey, underpins what can be considered an investment case for cybersecurity companies. Almost half of CEOs surveyed said they would be increasing their spending on cybersecurity and data privacy in the upcoming year.
Why cybersecurity’s multifaceted significance is important
From a personal perspective, being aware of cybersecurity is crucial as our digital lives are increasingly intertwined with personal information and assets. Cyberattacks can lead to identity theft, financial loss or invasion of privacy. As technology and AI continue to advance, cybercriminals become more sophisticated, making personal vigilance essential.
Understanding and analysing the potentially far-reaching impact on the investment landscape is also becoming more and more prevalent. While there can be significant growth opportunities within cybersecurity-linked sectors, analysing the impact of data breaches on all businesses and how they can result in significant financial losses, reputation damage and legal liabilities is also key. The resilience of a company’s cybersecurity measures is fast becoming a pivotal factor in investment decisions, determining who is better positioned to mitigate risks and safeguard their financial performance. As technology evolves, so will the sophistication of cybercrime, intensifying the importance of these considerations.
Chart 3. PwC survey question: Which of the following actions, if any, is your company considering to mitigate against exposure to geopolitical conflict in the next 12 months?
