LITERATURE REVIEW
2.9. SOUTH AFRICAN CYBER-SECURITY STATISTICS
finalised. Van Vuuren et al. (2014) argued that there is no adequate emphasis on the national cyber-security policy, despite the fact that such a policy would be an overarching document to guide the cyber-security implementation in the country. In an effort to safeguard the cyberspace, this research proposes an ontology that identifies various stakeholders and defines their roles. It has been recognised that a multi- levelled structure of key stakeholders exists in the cyber-security environment and that, more often than not, the responsibilit ies and roles overlap.
The picture that is clearly articulated in the report relates to the lack of necessary capacity to systematically implement cyber-security strategy in the country. The report states that “the biggest impediments is probably the slow pace at which the NCPF is implemented and the unavailability of resources and capacity” (Symantec, 2016b, p. 88). The report argues that in order to ensure capacity building, government should promote special initiatives. It further put a stance that when implementing the NCPF, an incremental approach is adopted, which entails focusing on aspects that require to be attended to urgently.
The report lists the following tables which present the top ten source (originating from) African countries for malicious behaviour and their percentages within the continent.
a. Attacks
“Attackers use various exploits to gain unauthorized access to a computer or an organization’s network. Motivations for these attacks can range from gaining financ ia l profit, stealing sensitive information, disabling a network, establishing a C&C server, or using the system as a launching point for future attacks. Attacks can be active such as a brute-force attack that determines a user’s password, or passive such as a web-based attack that waits for a user to visit a malicious webpage in an attempt to infect the user’s computer with malicious code” (Symantec, 2016b, p. 31).
Table 2.3: Top ten malicious attacks
Country Rank Percentage within Africa Incident count
South Africa 1 25% 314,880
Egypt 2 12% 149,685
Kenya 3 9% 106,265
Nigeria 4 7% 89,100
Mauritius 5 6% 73,134
Algeria 6 5% 60,381
Seychelles 7 4% 45,661
Botswana 8 3% 37,880
Morocco 9 3% 34,464
Tunisia 10 3% 32,187
Source: Symantec. (2016b). Cyber-crime & cyber security, p. 25. [Online] Available WWW: https://www.thehaguesecuritydelta.com/media/com_hsd/report/135/document/- Cyber-security-trends-report-Africa-en.pdf.
b. Malware
“Malware is software that attackers use to steal confidential information, destroy data, disrupt computer operations, or gain access to the network from the compromised system.
Types of malware include viruses, worms, Trojans, and ransomware, and they spread through the use of a variety of tools such as e-mail, drive-by downloads, and infected files.
They can also exploit existing vulnerabilities to infect systems” (Symantec, 2016b, p.35).
Table 2.4: Top ten malware sources
Country Rank Percentage within Africa Incident count
South Africa 1 20% 1,716,308
Tunisia 2 14% 1,166,774
Kenya 3 8% 668,194
Nigeria 4 6% 469,018
Cote D’Ivoire 5 5% 407,112
Ghana 6 5% 405,805
Egypt 7 5% 400,679
Algeria 8 4% 304,114
Ethiopia 9 3% 245,172
Cameroon 10 3% 224,546
Source: Symantec. (2016b). Cyber-crime & cyber security, p. 26. [Online] Available WWW: https://www.thehaguesecuritydelta.com/media/com_hsd/report/135/document/- Cyber-security-trends-report-Africa-en.pdf.
c. Spam
Spam is an unspecified, unsolicited bulk e-mail which eats up a lot of network bandwidth, and is sent in huge quantities using deceived sender addresses to conceal the real sender.
Examples of spam can include advertising materials and newsletters if the receiver did not elect to receive it.
Table 2.5: Top ten spam sources
Country Rank Percentage within Africa Incident count
South Africa 1 24% 271,700,021
Tunisia 2 14% 160,301,789
Egypt 3 7% 78,429,009
Kenya 4 7% 78,410,109
Nigeria 5 4% 50,491,804
Algeria 6 4% 50,253,534
Cote D’Ivoire 7 4% 47,632,285
Ghana 8 4% 43,938,441
Morocco 9 3% 32,197,294
Cameroon 10 2% 25,478,566
Source: Symantec-1. (2016b). Cyber-crime & cyber security, p. 27. [Online] Available WWW: https://www.thehaguesecuritydelta.com/media/com_hsd/report/135/document/- Cyber-security-trends-report-Africa-en.pdf.
d. Phishing hosts
Phishing is when an attacker deceives a person, mainly through e-mail communication to distribute mischievous attachments or links that can achieve a variety of purposes, includ ing the extraction of user profile or credentials.
Table 2.6: Top ten phishing host sources
Country Rank Percentage within Africa Incident count
South Africa 1 74% 4,621
Morocco 2 5% 319
Egypt 3 3% 184
Kenya 4 3% 160
Nigeria 5 2% 136
Tunisia 6 2% 112
Cameroon 7 1% 57
Libya 8 1% 53
Zimbabwe 9 1% 51
Algeria 10 1% 48
Source: Symantec-1. (2016b). Cyber-crime & cyber security, p. 28. [Online] Available WWW: https://www.thehaguesecuritydelta.com/media/com_hsd/report/135/document/- Cyber-security-trends-report-Africa-en.pdf.
Cyber-security efforts in South Africa are led by the Cyber Response Committee which operates under the State Security Agency’s oversight (Symantec, 2016b). This interim committee has the following role players:
a) South African Police Service (SAPS), which plays the role relating to the investiga t io n of cybercrimes.
b) Department of Telecommunication and Postal Services is the custodian of a cyber hub, and supports initiatives to ICT users on cyber-security matters.
c) Department of Justice and Constitutional Development whose role is legisla t io n drafting.
d) State Security Agency provides administration support to the Cyber Response Committee and is also responsible for the implementation of cyber-security initiat i ves in the country whilst waiting for promotion of comprehensive legislation on various aspects of cyber-security.
e) Department of Science and Technology plays a significant role in the development and implementation of research and initiatives to advance the needed skills to deal with cyber aspects in the country.
f) Department of International Relations and Cooperation, which is responsible for international relations specific to cyber-security.
g) Department of Defence is responsible for the cyber offensive and defensive development and implementation thereof.
2.10. LOCAL GOVERNMENT LEGISLATIVE FRAMEWORK IN SOUTH