Johannesburg - Over the past three years more than R1bn is estimated to have been lost in South Africa owing to cyber crime.
Information Security Group (ISG) of Africa founder and chairperson Craig Rosewarne said the R1bn was a conservative estimate, based on figures in the public domain.
Rosewarne said because no law or regulation currently forced companies to report cyber crimes, the true scope of the situation in South Africa was uncertain.
Data that are available are limited, but show that in an international context South Africa has a serious cyber-crime problem.
According to the February 2011 figures from the RSA Anti-Fraud Command Centre, South Africa was, after America and Britain, the country experiencing the greatest volume of phishing attempts (7.5% of the total).
The 2010 report by the FBI’s Internet Crime Complaint Center (IC3) put South Africa sixth on its list of countries with the greatest numbers of individual cyber-crime complainants.
Rosewarne said that one might imagine that what was happening around us would be a call to action, but what one saw was the opposite. One got a sense of lethargy, of dragging one's feet and bureaucratic red tape.
The Department of Communications previously published a draft cyber-security policy for public comment, and interested parties could comment up to March 20 last year.
Rosewarne said the document had said all the right things about a coordinated cooperative effort between government and business to counter cyber crime, but, with all the changes taking place at the Department of Communications, it appeared that nothing further had happened.
Currently, individuals or enterprises that were victims of cyber crime had to deal with the matter themselves, said Rosewarne.
This meant they had to lay a charge with the police, in many cases with constables with no knowledge of technical internet terms, who then referred it to the commercial crimes unit in Pretoria, after which it was passed on to the cyber-crime unit.
The process could be quite extended and, by the time the case enjoyed proper attention, any money stolen had already passed through several accounts, he said.
Information Security Group (ISG) of Africa founder and chairperson Craig Rosewarne said the R1bn was a conservative estimate, based on figures in the public domain.
Rosewarne said because no law or regulation currently forced companies to report cyber crimes, the true scope of the situation in South Africa was uncertain.
Data that are available are limited, but show that in an international context South Africa has a serious cyber-crime problem.
According to the February 2011 figures from the RSA Anti-Fraud Command Centre, South Africa was, after America and Britain, the country experiencing the greatest volume of phishing attempts (7.5% of the total).
The 2010 report by the FBI’s Internet Crime Complaint Center (IC3) put South Africa sixth on its list of countries with the greatest numbers of individual cyber-crime complainants.
Rosewarne said that one might imagine that what was happening around us would be a call to action, but what one saw was the opposite. One got a sense of lethargy, of dragging one's feet and bureaucratic red tape.
The Department of Communications previously published a draft cyber-security policy for public comment, and interested parties could comment up to March 20 last year.
Rosewarne said the document had said all the right things about a coordinated cooperative effort between government and business to counter cyber crime, but, with all the changes taking place at the Department of Communications, it appeared that nothing further had happened.
Currently, individuals or enterprises that were victims of cyber crime had to deal with the matter themselves, said Rosewarne.
This meant they had to lay a charge with the police, in many cases with constables with no knowledge of technical internet terms, who then referred it to the commercial crimes unit in Pretoria, after which it was passed on to the cyber-crime unit.
The process could be quite extended and, by the time the case enjoyed proper attention, any money stolen had already passed through several accounts, he said.