Cybercrime Update – And New UN Convention Planned
This Newsletter has strongly recommended that more is done to prevent cybercrime for many years. We are delighted that the ECOM Africa conference in April has that issue on its wide agenda of ecommerce-related topics. EFSA/EFA members can get 30% off (the coupon code is ECAF30 – https://ecommerce-africa.com/register-with-credit-card/ ). Over the last 2 years, SA has recorded one of the biggest global spikes in cybercrime, and SA is now the 6th highest country to be impacted by digital crime. With continued growth in the digital space, as well as the knock on effects of COVID, cybercrime is impacting the country more than ever before. 97 people fell victim to cybercrime per hour in 2021, with phishing topping the list of the biggest threats to online security. While personal cases of cybercrime are the highest, the number of attacks on businesses, corporate brands have also increase rapidly.
The major data breaches (loses of personal data) include TransUnion South Africa which fell victim to a large-scale cyberattack and lost 54m datasets of personal data. Experian also lost a vast amount of personal data, and back in Dec 2021 the Information Regulator issued a statement pointing out that there had been 139 data breaches reported to it since POPIA was fully implemented. Personally identifiable information including ID numbers, employment information, email addresses and even passport numbers, have been stolen by hackers.
Data breaches are only one form of cybercrime malware. There are now warnings from CyberArk researchers that OpenAI’s popular new AI tool ChatGPT can be used to create polymorphic malware. Elsewhere, Ransomware has caused widespread damage both to companies and to governments (perhaps one of the best example was the ransomware which disrupted petrol delivery across the USA a couple of years ago). Over the last 3 years, corporate companies have become increasingly vulnerable to online crime. When COVID forced employees to work remotely, critical company data became more accessible. Penetration points into any company increased significantly as communication and access points become more remote. Businesses around SA have had to become vigilant, and be on the look-out for technology and solutions to protect them against the attacks. However, with the constant evolution of attacks, many have expressed frustration in not being able to keep up with what is needed.
Readers will recall that the Cybercrimes Act was adopted in SA in 2021, and the Standard Operating Procedures (SOPs) were published last year. EFSA commented on these, pointing out that some of the requirements needed to be revised to avoid heavy administrative burdens on SMEs. The revised SOPs are still awaited.
Africa is not the only victim of cybercrime, as this Newsletter has shown. A new UN convention on cybercrime which will have far reaching impacts on companies that trade globally is being drafted. The convention is set to be adopted in early 2024 and so advocacy in 2023 is critical to removing harmful provisions and to ensure robust safeguards essential to preventing a significant increase in legal risk to corporations as well as their officers and other staffers.
Further afield, in recent years Japan adopted legislation to develop and implement an “economic security strategy” that includes a significant reorganization of government (the creation of a minister for economic security) and the adoption of new policies to accomplish this task. Its 2022 Economic Security Promotion Act focuses on securing supply chains of critical materials, nondisclosure of patents for security reasons, promoting the development of advanced technologies, and ensuring infrastructure security.
Become a member
Join the Ecommerce Forum South Africa and benefit from industry insights in South Africa and Africa.
Sign up to newsletter
Sign up to our newsletter and stay informed of the progress we are making at the Ecommerce Forum South Africa with government during Coronavirus.