Researcher reveals Eskom data leak

By Charlie Osborne for Zero Day 

In what may be a case of “if we ignore it, it will go away,” South Africa’s largest electricity company has become the subject of the public exposure of customer data after ignoring researcher pleas to resolve the problem.

Eskom is South Africa’s state-owned electricity company which generates approximately 95 percent of the region’s electricity, as well as roughly 45 percent of all of the electricity used across the African continent.

On Tuesday, cybersecurity researcher Devin Stokes sent a public tweet to Eskom which appears inlaid with frustration at non-communicativeness from the electricity provider.

Stokes said, “You don’t respond to several disclosure emails, email from journalistic entities, or Twitter DMs, but how about a public tweet? This is going on for weeks here. You need to remove this data from the public view!”

The following image contains a screenshot of what appears to be customer and service-related data, including account IDs, start and end service dates, and meter information:

Several hours later, Stokes published a further screenshot with a live timestamp, commenting, “OK. It got worse.”

It appears that this database entry contained some of the financial data of a customer, including name, card type, a partial card number, and CVV, the three-digit security code which is required for purchases in-person or online.

According to the researcher, the electricity provider has left its billing software database exposed, lacking so much as a password.

The most recent customer estimates available, published in 2016, claim that Eskom accounts for roughly 5.7 million customers across South Africa. It is not known how many customers may have been involved in the reported breach.

However, this may not be the only security failure Eskom needs to grapple with — as one of the company’s own employees may have complicated matters further in their gaming enthusiasm.

In a screenshot posted by MalwareHunterTeam, another Twitter user warned Eskom of the existence of a Trojan on one of their networked, corporate machines. The user reported that the Trojan infected the machine through a fake SIMS 4 game installer.

The Twitter user, going under the handle “@sS55752750,” added that the offending employee is a “senior infrastructure advisor.”

While there has been no news on the exposed database, Eskom did thank the researcher who disclosed the Trojan’s existence, saying, “This has been investigated and the necessary actions have been taken. Thank you for bringing it to our attention.”

“Accidental breaches of this type further drive home the point that every company should have a formal process to accept vulnerability reports from external third parties,” Jon Bottarini, Lead Technical Program Manager for HackerOne told ZDNet in response to the news. “Exposing the vulnerability details on Twitter seems to have been the last-ditch attempt on behalf of the security researcher to try and get in contact with someone who can resolve the issue.”

Eskom told ZDNet that the company is “conducting investigations to determine whether sensitive Eskom information was compromised as a result of this incident,” but will not comment further until the investigation has been concluded.

Source: IOL 

The Competition Commission in South Africa said it has noted an agreement between Standard Chartered Bank and the New York State Department of Financial Services where Standard Chartered pleaded guilty to currency manipulation.

The Competition Commission said in a statement: “The Competition Commission has noted a consent agreement, which subsequently became a court order, between Standard Chartered Bank and New York State Department of Financial Services. In the consent order, Standard Chartered pleaded guilty to currency manipulation which included the South Africa Rand (ZAR) between 2007 and 2013. This is captured on pages 9 and 10 of the court order.”

The Commission said it would consider the impact of the order on the ongoing forex litigation with the banks in South Africa.

The statement continued: “In February 2017 the Commission referred to the Tribunal for prosecution a collusion case against Bank of America Merrill Lynch International Limited, BNP Paribas, JP Morgan Chase & Co, JP Morgan Chase Bank N.A, Investec Ltd, Standard New York Securities Inc., HSBC Bank Plc, Standard Chartered Bank, Credit Suisse Group, Standard Bank of South Africa Ltd, Commerzbank AG, Australia and New Zealand Banking Group Limited, Nomura International Plc., Macquarie Bank Limited, ABSA Bank Limited (ABSA), Barclays Capital Inc, Barclays Bank plc (Respondents).

“The Commission investigated a case of price-fixing and market allocation in the trading of foreign currency pairs involving the South African Rand since April 2015. The Commission found that from at least 2007, the respondents had a general agreement to collude on prices for bids, offers and bid-offer spreads for the spot trades in relation to currency trading involving US Dollar / Rand currency pair.

“Further, the Commission found that the respondents manipulated the price of bids and offers through agreements to refrain from trading and creating fictitious bids and offers at particular times. Citibank N.A. pleaded guilty and reached a settlement agreement with the Commission and agreed to pay an administrative penalty of R69 500 860. Citibank N.A. undertook to cooperate with the Commission and avail witnesses to assist the prosecution of the other banks.”

The commission said that since February 2017, it has been engaged in protracted litigation with the rest of the banks, including Standard Chartered Bank, on pre-trial issues such as jurisdiction of the South African authorities and disclosure of the Commission’s evidence.

By Abrar Al-Heeti for C-NET

The US Department of Justice on Monday charged Huawei with theft of trade secrets, wire fraud and obstruction of justice.

A 10-count indictment alleges that China’s Huawei stole trade secrets from US carrier T-Mobile beginning in 2012. Huawei also allegedly offered bonuses to employees who stole confidential information from companies. In addition, a 13-count indictment charged four defendants, including Huawei and Chief Financial Officer Meng Wanzhou, with financial fraud. The indicted defendants also include affiliates Huawei USA and Skycom.

“The charges unsealed today clearly allege that Huawei intentionally conspired to steal the intellectual property of an American company in an attempt to undermine the free and fair global marketplace,” said FBI Director Christopher Wray in a statement. “To the detriment of American ingenuity, Huawei continually disregarded the laws of the United States in the hopes of gaining an unfair economic advantage.”

The charges come amid heightened scrutiny for Huawei, the world’s largest supplier of telecom equipment and the No. 2 smartphone maker behind Samsung. The US has already banned Huawei from selling networking equipment here, but a number of other countries have either already ceased working with the company, or are considering a ban. The Chinese government and Huawei have said the moves could have ramifications since the company contributes to industry-standard wireless technologies like 5G.

Both the US and China are jockeying for leadership in the next-generation of cellular technology, which promises higher speeds and the ability to handle more connected devices. US officials have offered warnings about Huawei and its ties to China.

“There is ample evidence to suggest that no major Chinese company is independent of the Chinese government and Communist Party — and Huawei, which China’s government and military tout as a ‘national champion,’ is no exception,” said Sen. Mark Warner, a Virginia Democrat who’s vice chairman of the Senate Select Committee on Intelligence.

Huawei, meanwhile, denied any wrongdoing.

“Huawei is disappointed to learn of the charges brought against the company today,” the company said in an emailed statement.

“After Meng’s arrest, the company sought an opportunity to discuss the Eastern District of New York investigation with the Justice Department, but the request was rejected without explanation,” Huawei continued. “The allegations in the Western District of Washington trade secret indictment were already the subject of a civil suit that was settled by the parties after a Seattle jury found neither damages nor willful and malicious conduct on the trade secret claim.”

T-Mobile declined to comment.

Two charges
According the first set of indictments, Huawei began stealing information about a phone-testing robot from T-Mobile called Tappy. Huawei engineers allegedly violated confidentiality and nondisclosure agreements by taking pictures of Tappy, taking measurements of parts of the robot and stealing a piece of it. When T-Mobile found out and threatened to sue, Huawei falsely said the theft was done by rogue actors within the company, according to the indictment.

T-Mobile sued anyway, and in 2017 won its case against Huawei, with a jury awarding it $4.8 million.

Despite Huawei’s insistence that the action was a one-off affair, the Justice Department says emails obtained during the investigation found that the theft of secrets from T-Mobile was a companywide effort.

It has been clear for some time that Huawei poses a threat to our national security.
Sen. Mark Warner
Huawei could face a fine of up to either $5 million or three times the value of the stolen trade secret, for conspiracy and attempt to steal trade secrets. The company could also face a fine of up to $500,000 for wire fraud and obstruction of justice.

In the second set of indictments, Meng was charged with bank fraud, wire fraud and conspiracies to commit bank and wire fraud. Huawei and Huawei USA are charged with conspiracy to obstruct justice. Huawei and Skycom are charged with bank fraud and conspiracy to commit bank fraud, wire fraud and conspiracy to commit wire fraud, violating the International Emergency Economic Powers Act and conspiracy to violate IEEPA, and conspiracy to commit money laundering.

The charges are related to the company’s alleged efforts to evade US sanctions and do business with Iran. Last month, Meng was detained in Canada at the behest of the Justice Department over those claims. While in a Vancouver courthouse to discuss her bail, a lawyer with Canada’s Justice Department alleged she defrauded US banks into making transactions that violated those sanctions, according to Bloomberg.

The founder’s daughter
Notably, Meng isn’t just the CFO of Huawei. She’s the daughter of the founder and president, Zhengfei Ren. And her arrest doesn’t just have ripple effects across the tech industry; it threatens to blow up an already precarious relationship between the US and China over trade talks.

Beyond trade, others see Huawei as a national security issue.

“It has been clear for some time that Huawei poses a threat to our national security, and I applaud the Trump Administration for taking steps to finally hold the company accountable,” Warner said.

Huawei has consistently denied any wrongdoing by Meng. At the World Economic Forum at Davos, Huawei Chairman Liang Hua called for a quick resolution of the case and the release of Meng, according to Reuters.

Meng’s lawyer, Reid Weingarten, told Reuters on Tuesday that she was a victim of “complex” China-US relations.

“Our client, Sabrina Meng, should not be a pawn or a hostage in this relationship.” he said, using one of her Western names. “Ms. Meng is an ethical and honorable businesswoman who has never spent a second of her life plotting to violate any US law, including the Iranian sanctions.”

Huawei also told Reuters that it had sought to discuss the charges with US authorities, “but the request was rejected without explanation.”

Over the past few months, Huawei has endured a wave of negative sentiment. UK carrier BT said it’d pull Huawei equipment out of its 4G network and ban it from any future 5G deployments. Japan reportedly banned government purchases from Huawei. Also last month, Andrus Ansip, the EU’s technology chief, warned that Huawei and other Chinese companies pose a risk to the bloc’s industry and security, according to Reuters.

All of the negativity could have a trickle-down effect on the company.

“[The case] puts every aspect of Huawei’s business in jeopardy in the US and EU, including consumer sales,” said Maribel Lopez, an analyst at Lopez Research. “Instead of being known for innovation, the company is positioned as criminal.”

EOH shocked by its inclusion in Eskom statement

By Robert Laing for Business Day 

Techology group EOH issued a Sens announcement on Wednesday objecting to a statement that Eskom issued on Tuesday, which sent its share crashing as much as 16% to an intra-day low of R26.35.

EOH was listed twice in 14 reportable irregularities flagged in Eskom’s interim results for the six months to end-September, a Sens statement the state-owned enterprise (SOE) issued showed.

The list included that there were allegations that Eskom’s former chief procurement officer, Jay Pillay, and other senior officials in procurement were involved in acts of misconduct involving EOH.

The second mention of EOH regarded the resignation of George Sebulela in October 2018.

“A member of the board and audit and risk committee, Sebulela did not declare a conflict of interest and did not recuse himself on deliberations involving the supplier (EOH),” Eskom’s statement said.

“EOH is currently engaged with the JSE and Eskom on Eskom’s Sens disclosure,” the technology group said in Wednesday’s statement. “The two allegations mentioned in the announcement are matters that have been fully investigated and the matters concluded last year. EOH was found not to be implicated in either allegation.”

Other suppliers mentioned in Eskom’s list of reportable irregularities who gained contracts without following correct procedures included Bizz Tracers, Huarong Asset Financing, Cliffe Dekker Hofmeyr, McKinsey and Trillian.

Former Absa and MTN executive Stephen van Coller recently issued a statement following his first 100 days as EOH’s CEO in which he said “specific legacy issues have affected the company’s value”.

Van Coller announced a new structure, which among other things, will improve the group’s accountability.

By Wendy Knowler for Times Live

Do courier company drivers have the necessary training and experience to verify proof of identity and address before handing over a credit card, complete with its PIN number?

If First National Bank (FNB) client Ivan Kistnasami’s experience is anything to go by, definitely not.

He recently discovered that a fraudster had applied for a Discovery card in his name, and had it delivered to an address in Howick, KwaZulu-Natal, in November.

“With his new credit card and pin – and a massive credit limit of R102,000 – the fraudster had access to my cheque and credit card accounts, and within two days he had transferred all funds that were available, up to my credit limits, creating debt to the tune of R157,000,” the Pietermaritzburg resident said.

When he approached TimesLIVE for help shortly before the festive season corporate shut-down, his credit profile was in tatters and FNB had failed to honour his monthly debit orders.

“I believe that FNB was negligent in that they have delivered this credit card with the pin through a courier driver who clearly had no experience in verifying the documentation,” Kistnasami said.

The proof of address, a Woolworths account, bears an address which doesn’t quite match the font of the name; a clear sign of fraudulent tampering.

And the ID in Kistnsami’s name bore the photo of a black man, another obvious identity mismatch.

“FNB has my picture on their system, yet the courier driver accepted an ID document with a photo of someone very different.”

The courier company employee stamped the copy of the ID and the Woolworths account, and put his signature to the statement that he’d seen the originals and confirmed the copies to be true.

Kistnasami said when he approached FNB about the couriering of credit cards to its clients, “I was told that the bank does not allow clients to collect from the branch as they are trying to reduce the number of clients transacting at branches”.

In fact, since July 2018 FNB has not stopped allowing its clients from collecting their cards at a bank branch, but strongly discouraged that by charging them R200 if they choose to do so, while offering a free courier service.

“The reduction of card deliveries to branches is in accordance with the bank’s business and digital migration strategy, which continues to benefit customers from a convenience and cost-saving perspective,” the bank told TimesLIVE.

By December, thanks to the bank’s “convenient” delivery of Kistnasami’s card and PIN to the fraudster, he was deep in debt, his medical cover had been suspended due to non-payment, his insurance policy premiums had not been paid and his car insurance was a month in arrears.

TimeLIVE asked FNB whether fraudsters had abused the bank’s card courier policy to acquire credit cards in the name of other clients and whether it intended to implement new security measures to counter this form of fraud.

Does the bank feel it is appropriate for courier staff to have to determine whether or not an alleged card holder’s proof of identity/address are authentic or not?

Responding, FNB said very little, other than Kistnasami was the victim of identity theft and had been refunded.

“Our investigation into the circumstances of the fraud is still pending and we will communicate with the customer until the matter has been amicably finalised.

“Due to the ongoing investigation, we cannot disclose any further information on the matter.”

Kistnasami told TimesLIVE that he has repeatedly been told by FNB that the investigation was still “ongoing”.

“Yes, I was reimbursed, but the accounts are on hold. When I try to settle or balance the accounts so that I can close them, the system says ‘on hold’.

“All I want is to put this nightmare behind me and move on with my life,” he said.

“I do not want the bank to come back to me a year or more later and say I owe them a large sum of money.”

Asked to comment, Discovery said that as Discovery Card was “still operating through a joint venture with FNB” it would leave FNB to comment on the matter.

When Discovery Bank launches later this year, the spokesman said, “it will have incredibly strong security controls”, which would be explained at the time.

FNB is the only bank which charges its clients a fee for wanting to collect their cards from a branch of the bank.

Its competitors do the reverse, charging clients a fee of between R150 and R175 to have their cards delivered to their chosen address by courier.

By Jack More for Mashable 

They wouldn’t have numbered it if it was the only one.

On 16 January, security research Troy Hunt uploaded a massive cache of leaked e-mails and passwords to his invaluable website have i been pwned.

The 87GB dataset, dubbed “Collection #1,” was admittedly years old, and had been passed around by hackers for some time now. Still, the sheer scale of it — containing over 772-million email addresses — turned heads. Hold onto your digital butts, because as Krebs on Security reports, you ain’t seen nothing yet.

According to Krebs, the Collection #1 data breach is, unsurprisingly, part of a much larger collection of stolen online credentials being sold online. And, taken as a whole, it dwarfs Collection #1’s size.

Just how big are we talking? According to the hacker allegedly selling access to the data who communicated with Krebs over Telegram, the entire data set of email addresses and passwords comes close to 1TB. Brian Krebs, the infosec journalist behind Krebs on Security, tweeted a screenshot purportedly depicting a page listing the data for sale.

In addition to the 87GB Collection #1, there’s a 526GB Collection #2, a 37GB Collection #3, a 178GB Collection #4, a 42GB Collection #5, and two other folders totaling an additional 126GB worth of credentials.

The seller told Krebs that, in total, they had close to 4TB of so-called password packages. Yeah, that’s a lot. According to the image above, the “Price for access lifetime” is only a cool $45 (R630).

So your email, along with one or more passwords to various throwaway online accounts you’ve used and discarded over the years, is likely being traded on the dark web. What does this mean for you?

Well, if you’re smart about your online security, probably not too much immediately. Assuming you use unique passwords for each account online — and you definitely should — any of your passwords contained in the dataset would only gain a hacker access to one specific online service. Like, say, your old Tumblr account. And, if you use two-factor authentication, you’re likely in the clear.

However, all this goes out the window if a hacker gets access to your main email account and can initiate password resets. And if the email account in question just so happens to share a password with your now-defunct Neopets account or whatever? You might legit be in trouble. Consider getting a password manager, and make sure your email has a unique password and 2FA.

And then go about your normal online business, comfortable in the knowledge that your personal data is being sold to hackers for the low, low price of $45 (R630).

To see whether your email address has been breached, visit have i been pwned.

By Angelique Arde for Business Live

Absa is tight-lipped about its meeting this week with the banking regulator about how the bank handles cyber risks.

Caroline da Silva, head of regulatory strategy at the Financial Sector Conduct Authority (FSCA), told Money that the regulator’s meeting with Absa was the first of a series it will have with all banks. This comes after a “market conduct risk” across the sector was flagged in a retail banking diagnostic, as well as reports from customers, including one from Johannesburg attorney Mark Heyink.

In June last year, Heyink made submissions to the FSCA detailing Absa clients’ allegations of unfair treatment by the bank in dealing with online banking frauds.

Though the meeting with Absa was general, Da Silva said the issues in Heyink’s submission were discussed, including the predominance of Absa clients in cases of online fraud dealt with by the attorney.

In his report to the FSCA, Heyink, acting for 29 Absa customers referred to him by a digital forensic expert and a computer scientist, claimed that the bank had “improperly” held clients liable for losses resulting from online banking fraud and called on the regulator to investigate Absa and the ombud for banking services.

But Da Silva told Money this week that the FSCA is in an “interim position”, without legislation in place yet to regulate the conduct of banks – the Conduct of Financial Institutions Bill was published in December for comment. “We don’t want to wait for that to take action on their conduct, so we’ve drafted a set of conduct standards which will be published for comment before the end of March and will hopefully be in force before the middle of the year.”

On the question of the conduct of the banking ombudsman, Da Silva said the Twin Peaks regulatory model envisages a stronger ombud system, with a chief ombud to look at the independence, governance and decisions made by both statutory and voluntary/industry ombuds.

In October last year, the South African Banking Risk Information Centre released statistics on digital banking crime for the first time, showing that the number of incidents of online fraud had increased by 64% between 2017 and August 2018.

The conduct Heyink reported to the FSCA relates to Absa holding clients responsible for losses when the bank had allegedly:

• No evidence of negligence on the part of its clients;

• Applied incorrect interpretation of the law relating to the client’s assumption of risk;

• Failed to comply with applicable consumer protection legislation; and

• Failed in its duty of care to its customers.

Heyink and the digital experts quoted in the submission also question whether the security measures taken by Absa were appropriate.

Absa, which would not be drawn on the meeting with the FSCA, also declined to respond to these specific allegations.

Ulrich Janse van Rensburg, head of fraud strategy at retail and business banking at Absa, said internet fraud is of “huge concern” to Absa. “It has an adverse impact on the much-needed relationship of trust between Absa and its customers. For this reason, it is entirely in our interest to ensure not only that world-class security measures are in place, but that when fraud is committed, those responsible are apprehended and made to account. And expeditiously so.

“That’s why Absa takes every possible precaution to safeguard our customers’ money and co-operates closely with the SAPS and industry fraud-prevention bodies such as Sabric [South African Banking Risk Information Centre].

“However, we are unfortunately constrained in instances where the customer would have caused vulnerability by divulging their confidential banking details to third parties, very often without intending to do so. Regrettably, this weakness impacts the entire industry, not only Absa.

“Although Absa is ordinarily not liable for the frauds perpetrated on its customers by third parties in the strict legal sense, it recognises that these crimes have a significant personal impact on the victim and for this reason will come to their financial assistance,” Van Rensburg said.

Almost half of Heyink’s 29 clients accepted settlement offers from Absa covering 50% of their losses. The settlement offers, which were valid for seven days only, were confidential, ex gratia and in full and final settlement of claims against the bank.

In his submission to the FSCA, Heyink said that in consultation with clients who accepted such settlements, in every instance the client said they had accepted the settlement under duress. One client said: “We felt we had a gun to our head.”

Clients who did not accept settlements said they also felt Absa was trying to force them to accept the offer.

Absa said that it does not put pressure on clients and a week is reasonable time for a client to decide whether to accept a settlement. But Heyink said that the circumstances under which the offers were made by Absa placed clients in an unfair bargaining position.

By Shanice Naidoo for IOL

A Bloubergstrand man had his Absa business account swindled out of R3.1 million while he was in Miami for two months.
Feruccio Ferucci left Cape Town in October without suspecting that his banking information had been stolen.

Around the end of October, his Vodacom SIM card stopped working as well as his internet banking. Growing suspicious, he contacted his daughter in Cape Town to find out from Vodacom what had happened. They informed her that a SIM swap had been done.

“I did not authorise the SIM swap. My phone stopped working for about three weeks and then started working again.

“I haven’t heard anything from Vodacom telling me what happened because my phone just started working again three weeks later,” said Ferucci.

When he returned on December 2, he was shocked to find out from his staff about transactions which were not approved by them at his business in Paarl or by himself. These were fraudulent transactions which had gone off the business account during two of the weeks which his phone had not been working equating to R3.1m.

“These transactions were around R300 000 each and there were about ten transactions. I then contacted my attorney and he referred me another attorney who specialises in this type of crime. I then wrote a protest letter to Absa threatening to close my account with them and my money was refunded around December 23,” said Ferucci.

On speaking to the new attorney, he was told that this was often done to people who are overseas because perpetrators assume one would not check their phone regularly.

“The attorney told me that 90% of the cases he deals with involved people who went overseas. There is no doubt in my mind that what happened to me was promoted by employees of both Vodacom and Absa.

“They probably didn’t steal the money but they probably sell the information,” said Ferucci.

Both Absa and Vodacom have said they are investigating the matter.

IRS Forensic Investigations, which investigates financial, organised and cyber crimes director Chad Thomas said sim swaps are a major issue, with some victims reporting that they have become victims of crime while their phones have been off while they have been travelling long distances.

However, the breach of personal data, including credit card numbers is not just confined to individual hacks via trojans or malware but is also as a result of highly sophisticated cyber attacks on data stored by corporates.

“People need to take cognisance of the fact that a sufficiently determined and capable hacker can take over someone’s online footprint if the correct measures are not taken to protect their information. However, it is not just the individual that needs to take precautions, but also corporates that are storing client’s information and have a responsibility to safeguard that information,” said Thomas.

How the ANC broke Eskom

Source: MyBroadband

Eskom was once so successful that it was supplying more than half the electricity in Africa.

However, years of corruption, incompetence and political meddling has brought Eskom to its knees, and it is now begging for bailouts to stay afloat.

The company’s growing debt burden, which already exceeds R400-billion and can grow to R600-billion in the next three years, means it is technically bankrupt.

So bad is the situation that former Finance Minister Nhlanhla Nene said Eskom is the single biggest risk to South Africa’s economy.

The image below provides an overview of how Eskom changed over the last 10 years:

Image credit: MyBroadband

Source: IT News Africa

As South Africa’s business sector continues to expand across a myriad of digital platforms, cybercrime continues to threaten this burgeoning digital sphere. “There are many victims of cybercrime, with limited recourse available in terms of current South African law. The need for tighter and more effective legislation is pressing,” says Grant Christianson, e4’s Group Legal Advisor.

The end of October 2018 hopefully saw the legislative cycle for the Cybercrimes Bill nearing completion, as the Department of Justice and Constitutional Development tabled an updated version. Christianson says that the existing laws have become problematic in adequately combatting cybercrime and the new Bill is needed to effectively “fill-the-gaps” that exist in current legislation and the common law.

“According to the South African Banking Risk Information Centre (SABRIC), South Africa’s annual loss is estimated at R2,2 billion, making it a significant threat to an already volatile economy.”

While the Bill does no longer address cybersecurity, he says that it will provide a framework for combatting cybercrime. Initially drafted in 2015, it addresses criminal activity that is computer-based and is related to unlawful access to, interference with or distribution of data, electronic communications, information systems and networks. He says the Bill also creates new offences for hacking; phishing, cyber bullying, unlawful interception and distribution of data, ransomware, cyber forgery and extortion, as well as acts involving malware and identity theft. Anyone convicted is likely to be fined and/or imprisoned up to 15 years.

The Bill is also expected to align with international best practice: “There will be a requirement to co-operate with other countries to effectively deal with multi-jurisdictional cybercrime activity, as often the cyber offence is created in one jurisdiction and felt in another,” says Christianson.

As a country, with the third highest number of cybercrime victims worldwide, South Africa is a target. Christianson says that mobile technology will further impact users as the country’s growing reliance on the app economy and other mobile trends will drive cyber criminals to penetrate mobile networks: “As devices become more connected and smarter, users are more exposed and so the threat grows. Digitisation is a trend that has no end in sight and while it brings with it innovation and exciting changes, cybercrime continues to grow in parallel.”

While the timeframe for the Bill’s signature is uncertain, Christianson says that it is at least in its final stages and once signed into law, the law-enforcement industry can become more proactive in its pursuit of cybercriminals.

         

           

Follow us on social media: 

               

View our magazine archives: 

                       


My Office News Ⓒ 2017 - Designed by A Collective


SUBSCRIBE TO OUR NEWSLETTER
Top