Case Study:
The last two decades have witnessed increased technology adoption in Africa. According to
Forbes, there are more than 600 million total internet users in Africa. Analysis by the IFC and
Google finds that Africa's internet economy has the potential to reach US$180bn by 2025,
accounting for 5.2% of the continent's GDP. By 2050, the projected potential contribution could
reach US$712bn, 8.5% of the continent's GDP. But the rise of the internet also has a dark side,
with the growing risk of private citizens, businesses, and governments falling victim to cybercrime.
The South African Reserve Bank (SARB) has identified cybercrime and emerging technologies as
growing threats to South Africa's banking sector. In its report, the reserve bank said threats
including internet and mobile banking platforms, may be exploited to facilitate money-laundering
and fund terrorism. South Africa is ranked among the top ten countries in the world in terms of
cybercrime. The country is also ranked seventh out of sixteen countries polled for the highest cost
of a cyber breach. The report notes over 90% of the banking sector offers online banking services,
and mobile application banking, except for one mutual bank.
"Although online banking offers faster transactions and more convenient options for banking,
these features are also attractive to criminals. Online features can hide the true identity of clients
(which in-branch visits would have detected), and these features can also hide the true
destination and beneficiaries of funds," says the SARB report. Southern African Fraud Prevention
Service (SAFPS) CEO, Manie van Schalkwyk says consumers must try by all means to make sure
that their data is always secured. According to SABC News, Phishing remains one of the most
prevalent scam techniques. The South African Banking Risk Information Centre (Sabric) estimates
that SA businesses suffer a total of about R250 million in losses each year due to phishing attacks
and internet fraud.
However, according to an article by African Business published on August 8, 2022, Kaspersky, a
Russian firm that provides anti-virus software, in their analysis revealed that attacks related to
data loss threats including phishing, scams, and social engineering increased significantly in Africa
in Q2 2022 in comparison with the previous quarter.
The company detected 10,722,886 phishing attacks in Africa in Q2. Kenyan users were influenced
the most by this type of threat: there were 5,098,534 phishing attacks detected in 3 months - a
growth of 438% when compared with the previous quarter. Kenya was followed by South Africa
(4,578,216 detections and a growth of 144%) and Nigeria (1,046,136 detections and a growth of
174%).
The Guardian in an article published August 3, 2022, reported Kaspersky saying social engineering,
"human hacking" scams, are used in many ways, and for different purposes, to lure unwary users
to the site and trick them into entering personal information. It stressed that the latter often
includes financial credentials such as bank account passwords or payment card details, or login
details for social media accounts.
According to the security firm, phishing is a strong attack method because it is done on a large
scale. It stressed that by sending massive waves of emails under the name of legitimate
institutions or promoting fake pages, malicious users increase their chances of success in their
hunt for innocent people's credentials. The article explained that phishers deploy a variety of
tricks to bypass email blocking and lure as many users as possible to their fraudulent sites, adding
that a common technique is HTML attachments with partially or fully obfuscated code. It stressed
that HTML files allow attackers to use scripts, and obfuscate malicious content to make it harder
to detect and send phishing pages as attachments instead of links.
According to a recent Interpol report, about 90% of African businesses are operating without the
necessary cybersecurity protocols and, therefore, are exposed to cyberattacks. The report also
noted that there were more than 700 million threat detections in Africa within one year. Over the
years, there have been efforts from different African countries to address the cybersecurity
challenge. According to an article by Forbes published on August 2, 2022, in South Africa,
President Cyril Ramaphosa signed the Cybercrimes and Cybersecurity Act in 2021. This law
mandates electronic communication service providers and financial institutions to act when their
systems suffer a cybersecurity attack or breach. South Africa had previously signed the Protection
of Personal Information Act No. 4 of 2013 Act into law.
At the continental level, the African Union (AU) adopted the Convention on Cyber Security and
Personal Data Protection, also known as the Malabo Convention, in 2014. This was followed by
the release of the Personal Data Protection Guidelines for Africa, a collaborative measure
between the Internet Society and the AU, in 2018. According to the United Nations Conference on
Trade and Development (UNCTAD), out of the 54 countries in Africa, only 33 (61%) have a data
protection law in place. Meanwhile, Business Tech in an article dated July 8, 2022, said the
Department of Police gazetted its draft search and seizure rules for cybercrimes committed in
South Africa. The Gazette, which is currently open for public comment, falls under the
Cybercrimes Act which was partly introduced by President Cyril Ramaphosa at the end of 2021.
"The Cybercrimes Act provides a new legal mechanism for addressing cybercrime in South Africa,
as well as creating a range of new cybercrime offences," the department said. "It also provides for
mechanisms to preserve electronic evidence in the cyber domain, to conduct the search, access,
and seizure operations in respect of an article as defined in the CCA, and the gathering of data
connected to both cyber and other crimes that are committed by means of or facilitated through
the use of an article." The draft rules also noted that an individual's right to privacy, as well as
other fundamental rights, must always be respected, and any infringement of these rights may
only be justified in terms of the law. "The right to a fair trial is paramount, and the responsibility
of the investigation and prosecution team in terms of gathering, preserving, and presenting
evidence to a court fairly and objectively, remain of utmost importance." Without serious
cybersecurity efforts, opportunistic criminals around the world stand poised to reap the benefits
of Africa's internet growth story.
Below is an excerpt from the case study related to this question:
“ The South African Banking Risk Information Centre (SABRIC) estimates that SA businesses
suffer a total of about R250 million in losses each year due to phishing attacks and internet
fraud.”
Describe how South African businesses can protect their operating systems to prevent
hackers from attacking their systems.
The answer describes ways for protecting their operating systems and applies to the case study.
To protect their operating systems from hackers, South African businesses can implement several measures:
1. Use Secure Passwords: Businesses should enforce strong password policies, requiring employees to use complex passwords that include a combination of letters, numbers, and special characters. Regular password changes should also be mandated.
2. Multi-Factor Authentication (MFA): Implementing MFA adds an extra layer of security by requiring users to provide multiple forms of identification, such as a password and a unique code sent to their mobile device.
3. Regular Software Updates: Operating systems should be kept up to date with the latest security patches and updates. These updates often include fixes for known vulnerabilities and weaknesses.
4. Use Firewalls and Antivirus Software: Deploying firewalls and installing reputable antivirus software can help detect and block malicious activities, such as phishing attempts and malware.
5. Employee Training and Awareness: Businesses should conduct regular cybersecurity training sessions to educate employees about common threats, such as phishing scams, and teach them how to recognize and report suspicious activities.
6. Conduct Vulnerability Assessments and Penetration Testing: Regular vulnerability assessments and penetration testing can help identify weak points in the business's systems and networks. This allows for proactive measures to be taken to strengthen security.
7. Control Access and Privileges: Implementing access controls and limiting user privileges can help reduce the risk of unauthorized access to sensitive data and systems. This includes regular review and removal of unnecessary access rights.
8. Data Backup and Disaster Recovery: Regularly backing up important data and having a disaster recovery plan in place can help businesses recover quickly in the event of a cyber-attack or system failure.
9. Network Segmentation: Separating critical systems and sensitive data into separate network segments can help mitigate the potential impact of a security breach.
10. Regular Monitoring and Incident Response: Implementing a robust monitoring system enables businesses to detect and respond to security incidents promptly. Having an incident response plan in place ensures that proper actions are taken to limit damage and mitigate future risks.
Implementing these measures can significantly enhance the security posture of South African businesses and help prevent hackers from successfully attacking their operating systems.
To protect their operating systems and prevent hackers from attacking their systems, South African businesses can implement the following measures:
1. Update and Patch Systems: Regularly updating and patching operating systems and software is crucial to ensure that known vulnerabilities are patched. These updates often include security patches that fix vulnerabilities that hackers can exploit.
2. Use Strong Passwords and Enable Two-Factor Authentication (2FA): Implementing strong passwords that include a combination of letters, numbers, and special characters is essential. Additionally, enabling two-factor authentication adds an extra layer of security by requiring users to provide a second form of verification, such as a code sent to their mobile device, along with their password.
3. Install Firewall and Antivirus Software: Firewalls monitor network traffic and block unauthorized access, while antivirus software helps detect and remove malware. Businesses should install robust firewall and antivirus software and keep them up to date.
4. Implement Secure Network Practices: Using secure Wi-Fi connections, such as encrypted Wi-Fi networks, helps prevent unauthorized access to business networks. Businesses should also consider using virtual private networks (VPNs), especially when accessing their systems remotely.
5. Conduct Regular Data Backups: Regularly backing up important data ensures that even if a system is compromised, the data can be restored. Businesses should implement automated backup systems and securely store backups offline or in a separate location.
6. Educate Employees on Cybersecurity Best Practices: Cybersecurity awareness training is essential for all employees. This training should cover topics such as recognizing phishing emails, avoiding suspicious websites, and safely handling sensitive information. Employees should also be instructed not to click on unknown links or download attachments from untrusted sources.
7. Implement Access Controls: Limiting access to critical systems and data to only authorized personnel helps prevent unauthorized access. Businesses should implement user access controls, such as assigning specific user roles and privileges based on job responsibilities.
8. Regularly Monitor and Analyze Logs: Monitoring and analyzing system logs can help detect any suspicious activities or potential security breaches. Implementing intrusion detection systems (IDS) and security information and event management (SIEM) solutions can assist in monitoring and alerting for potential attacks.
9. Conduct Vulnerability Assessments and Penetration Testing: Regularly conducting vulnerability assessments and penetration testing can help identify potential weaknesses and security flaws within the system. This allows businesses to address these vulnerabilities before they can be exploited by hackers.
10. Establish an Incident Response Plan: Developing an incident response plan is crucial in case of a security incident. This plan outlines the steps to be taken during and after a security breach, including isolating affected systems, notifying relevant authorities, and recovering the system.
By implementing these measures, South African businesses can significantly reduce the risk of hackers attacking their operating systems and protect their valuable data and assets from cyber threats.
To protect their operating systems and prevent hackers from attacking their systems, South African businesses can take several measures. Here are some ways they can enhance their cybersecurity:
1. Use Strong and Unique Passwords: Encourage employees to create complex passwords that include a combination of uppercase and lowercase letters, numbers, and special characters. Each password should be unique and not used for multiple accounts. Implementing a strong password policy and enforcing regular password changes is essential.
2. Enable Two-Factor Authentication: Two-factor authentication adds an extra layer of security by requiring users to provide an additional verification step, such as a temporary code sent to their mobile device, along with their password. This makes it more difficult for hackers to gain unauthorized access.
3. Keep Software Updated: Regularly update operating systems, applications, and software to the latest versions. These updates often include critical security patches that address vulnerabilities exploited by hackers. Enabling automatic updates or using centralized patch management systems can help ensure timely installations.
4. Install Reliable Antivirus and Antimalware Software: Deploy robust antivirus and antimalware solutions that provide real-time protection against known threats. These tools should be regularly updated to stay ahead of emerging malware and detect suspicious activities.
5. Implement Firewalls and Intrusion Detection Systems: Firewalls act as a barrier between internal networks and the internet, filtering incoming and outgoing data traffic. Intrusion Detection Systems (IDS) monitor network traffic for suspicious activities and alert administrators when potential threats are detected. Configuring firewalls and IDS properly can help mitigate various cyber threats.
6. Conduct Regular Data Backups: Regularly back up critical data and store copies in a secure location, either offsite or on cloud storage. In the event of a security breach or system failure, having recent backups can minimize downtime and ensure data recovery.
7. Provide Employee Training: Educate employees about cybersecurity best practices, such as identifying phishing emails, avoiding suspicious websites, and not clicking on unknown links or downloading attachments from untrusted sources. Conducting regular cybersecurity awareness training can significantly reduce the risk of successful attacks.
8. Implement Access Controls: Limit access to sensitive information and systems to authorized personnel only. Use role-based access controls (RBAC) to assign specific privileges based on job roles and responsibilities. Regularly review and update access privileges to ensure they align with current requirements.
9. Implement Network Segmentation: Segmenting the network into smaller, isolated segments helps contain potential attacks. If one segment is compromised, it becomes more difficult for hackers to move laterally within the network.
10. Develop an Incident Response Plan: Prepare and regularly update an incident response plan that outlines the steps to be taken in the event of a cyber-attack. This plan should include procedures to isolate affected systems, mitigate the impact of the attack, and restore normal operations.
By implementing these measures, South African businesses can significantly improve their cybersecurity posture and reduce the risk of cyber-attacks on their operating systems. It is important to regularly review and update these security practices as the threat landscape evolves.