Cyber Threats in South Africa

Adv Jacqueline FickPwC

22 July 2011

www.pwc.com

PwC

Contents

1.Understanding the origins and characteristics of South Africa’s most prevalent cyber crime categories.

2.Phishing.

3.Cyber crime and tax refunds.

4.What to do?

5.Conclusion

2

PwC

Understanding the origins and characteristics of South Africa’s most prevalent cyber crime categories

Cyber crime defined

• “…computer crime encompasses the use of a computer as a tool in theperpetration of a crime, as well as situations in which there has beenunauthorised access to the victim’s computer, or data. Computercrime also extends to physical attacks on the computer and/or relatedequipment as well as illegal use of credit cards and violations ofautomated teller machines, including electronic fund transfer theftsand the counterfeit of hardware and software.” (Credo and Michels)

• Watney uses the term cyber crime and defined it as all illegalactivities pertaining to a computer system, irrespective of whether thecomputer is the object of the crime or the instrument with which thecrime is committed.

• Move in South African law to the use of the term cyber crime which iswide enough to encompass all illegal activities in respect ofcomputers, information networks and cyberspace.

3

PwC

Understanding the origins and characteristics of South Africa’s most prevalent cyber crime categories

Types of cyber crime in South Africa

• Unauthorised access (s86(1))

• Unauthorised modification of data and various forms of malicious code (s86(2))

• Denial of service attacks (S86(5))

• Devices used to gain unauthorised access to data (s86(4))

• Computer-related extortion, fraud and forgery (s87)

• Child pornography, cyber obscenity and cyber stalking

• Copyright infringement

• Industrial espionage

• Piracy

• Online gambling

4

PwC

Understanding the origins and characteristics of South Africa’s most prevalent cyber crime categories

The world of cyber crime

• An underground cybercrime economy and cyber black market existswhere the cybercriminal can buy, sell, barter or trade criminal skills,tools and your private information, you can buy IDs, credit cardsbotnet kits.

• Cybercriminals are now less hackers and more like offline crimesyndicates, such as the Mafia or urban gangs.

• One can buy a keystroke logger for about $23 or pay $10 to havesomeone host a phishing scam, pick up a botnet for just $225, or get atool that exploits a vulnerability on a banking site for $740 to $3 000.(Cybercrime Exposed Marian Merritt)

• What happened in South Africa…

• “It’s grown to become a flourishing industry with internationalsyndicates, just like the Mafia” (Pres Jacob Zuma)

5

PwC

Phishing

• In the field of computer security, phishing is the criminallyfraudulent process of attempting to acquire sensitive informationsuch as usernames, passwords and credit card details bymasquerading as a trustworthy entity in an electroniccommunication.

• An online scam that uses e-mail to “fish” for users’ information byimitating legitimate companies. People are lured into sharing usernames, passwords, account information or credit-card numbers.The phishing e-mail usually contains a link to a illegitimate site.

6

PwC

Phishing (cont.)

What statistics show

RSA Online Fraud Reports show that South Africa does not fall withinthe top ten countries hosting phishing attacks, but features high on thelist of top ten countries by attack volume.

The U.S., UK, and South Africa continue to be the countries that haveendured the highest volume of phishing attacks – for 15 consecutivemonths. Over the past year, the U.S. and UK have absorbed a combinedaverage portion of 65 percent of the attacks. (May 2010 - April 2011).

7

PwC

Cyber Crime and Tax Refunds

8

PwC

Cyber Crime and Tax Refunds

• Warnings from SARS – diligence in tax season

• Promise of tax refund, click on link!

• Close resemblance to e-filing page

• SARS will never ask for your personal details

• Do not click on any links – malware, trojans, viruses

• Threat of keyloggers and spy software

• Criminals steal information to become “you”

9

PwC

Cyber Crime and Tax Refunds

10

PwC

Cyber Crime and Tax refunds

• CIRPRO :

• Changing names of directors – electronic lodgement of CM29

• Registering false companies (the PwC example)

• Mostly aimed at diverting VAT refunds

• Company details should be checked routinely.

• Warning signs such as delay in payment of tax refund, odd queries from clients or credit bureaus.

11

PwC

What to do?

• Regularly check your company details.

• www.cipro.gov.za – panel on the left. Search for company name or similar name.

• Never respond to unsolicited emails or click on links in the mails. If you haven’t bought a lotto ticket, chances are you did not win anything!!!

• If you think that your company has been hijacked keep record of everything you do – disputes with SARS, banks.

• Notify your own bank and other banks of information to assist in tracing fraudulent accounts.

• Notify CIPRO, SARS and SAPS and your own employees.

• Contact your clients to say your details have not changed.

12

PwC

Closing remarks

• Effectively and efficiently addressing cyber crime requires a shift inparadigm.

• Protect information as a valuable asset.

• Pro-active vs re-active approach: prevention is better thanprosecution.

• Always keep abreast of scams and ensure your systems are up to date.

• Understand your organisation, your data and the value of IT.

• Have appropriate policies and enforcement monitoring in place.

• Share experiences

13

It is widely accepted that in today’s technology-driven environment, information is worth a king’s ransom;

successful businesses know how to protect and capitalise on it. Information is fast becoming the biggest contributor

to the bottom-line and an asset that should be jealously guarded with the same vigour as financial assets. The best

of the best employ information technology (IT) and information resources to create competitive advantage and

ensure the good governance thereof.

Thank you

This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon

the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to

the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PricewaterhouseCoopers Inc, its

members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or

refraining to act, in reliance on the information contained in this publication or for any decision based on it.

© 2010 PricewaterhouseCoopers (“PwC”), a South African firm, PwC is part of the PricewaterhouseCoopers International Limited (“PwCIL”) network that

consists of separate and independent legal entities that do not act as agents of PwCIL or any other member firm, nor is PwCIL or the separate firms

responsible or liable for the acts or omissions of each other in any way. No portion of this document may be reproduced by any process without the written

permission of PwC.