Cybercrime costs SA firms billions

2015-03-20 11:14 - Duncan Alfreds
Post a comment 3

Cyber criminals use compromised e-commerce platforms to conduct fraudulent bank debit orders. (Duncan Alfreds, Fin24)


Cape Town - South African businesses lost an estimated R5.8bn to cybercrime as breaches continue at an alarming rate, an expert has said.

According to underwriter Candice Sutherland around 974 million company records were lost or stolen in 2014 - an estimated 31 records every second - perpetrated mainly by disgruntled employees.

She said that these stolen records amount to losses of at least R5.8bn which can also be attributed to organisational negligence, rivals and hackers.

"The Protection of Personal Information Act (Popi), gives effect to a constitutional right to privacy and the unauthorised access to information regarding the educational, medical, financial, criminal or employment history of an individual as well as their personal details such as ID numbers, contact details and physical addresses is restricted by the Act," said Sutherland, business development consultant at SHA Specialist Underwriters.

Companies that don't take adequate measure to protect personal information may find themselves liable for data compromised by unscrupulous individuals or organisations.

Fines, imprisonment

Sutherland said that executives who are found to be negligent with personal information may face fines of R10m or 10 years in prison.

Cybercrime is a lucrative enterprise for fraudsters.

In the US, the Federal Bureau of Investigation's (FBI) most wanted cyber criminal is Evgeniy Mikhailovich Bogachev. He is wanted in connection with bank fraud; conspiracy to violate the Computer Fraud and Abuse Act; conspiracy to Violate the Identity Theft and Assumption Deterrence Act; aggravated Identity Theft, among other crimes.

The FBI has posted a reward of $3m for information leading to his arrest and conviction. According to the agency, Bogachev is responsible for the Zeus malware which was able to "capture bank account numbers, passwords, personal identification numbers, and other information necessary to log into online banking accounts".

In SA, identity theft is facilitated by an entire ecosystem of underworld operators who specialise in capturing financial information with which to conduct the crimes.

Fin24 user Beulah Roman recently had to change her entire bank account details after cyber criminals had managed to fraudulently debit her account with R400 per day.

While laws such as the Financial Intelligence Centre Act (38 of 2001), known as Fica, seek to eliminate money laundering and provide a safe financial transacting environment, criminals don't play by the rules.

"Through various channels including illicit means they [criminals] can then recreate an identity book or passport and proof of address (everything required by Fica). In essence enough information to be able to open a bank account, apply for credit, goods and services.  Obviously none of this will be re-paid and the scam is complete," Independent Identity Verification expert Dawid Jacobs told Fin24.

- Follow Duncan on Twitter

Read more about: fbi  |  cybercrime

Read Fin24’s Comments Policy publishes all comments posted on articles provided that they adhere to our Comments Policy. Should you wish to report a comment for editorial review, please do so by clicking the 'Report Comment' button to the right of each comment.

Comment on this story
Comments have been closed for this article.