The Rising Threat of Cyberattacks and Neglected Cybersecurity in South Africa

Cybersecurity in South Africa, a key aspect for technological development and progress, is at significant risk due to persistent neglect by the authorities. South Africa faces an escalating number of cyberattacks that are detrimental to its economy, societal fabric, and international reputation. Recent high-profile breaches have spotlighted the vulnerability of public and private sectors to seasoned hackers, prompting concerns over the government's slow response and apparent reluctance to invest in vital cybersecurity capabilities.

In a significant incident that occurred in August, the notorious Snatch group extracted approximately 200 terabytes of data from the Department of Defence. The State Security Agency also suffered a cyberattack ahead of the Brics summit in the same month. These heavy breaches, initially denied by state authorities, highlighted the risks stemming from the government's handling of cybersecurity issues and exposed a stark transparency and accountability deficit.

In addition to governmental bodies, South African firms are also being hard-pressed by an escalating wave of cyberattacks. Reports suggest a surge of spyware attacks by 19% in the last year. Cyberattacks targeting critical infrastructure sectors such as water, energy, telecommunications, and health pose a serious threat to stability and public safety.

Specific incidents, such as the 2021 hacking attack that disrupted Transnet's port facilities, demonstrate how such cyberattacks can severely impact society at large. The government, however, seems to lack the investigative and prosecutorial capacity necessary to hold these cyberattackers accountable, suggesting a need for trenchant action.

The development stands in sharp contrast to the government's aspirations to build a resilient multipolar international system as a part of the Brics bloc. Despite initiatives launched by Brics to support a developmental approach to cybersecurity and establish universally accepted norms, South Africa appears unprepared to handle the potential disruptions posed by cyberattacks. This apparent inadequacy is further emphasized by the neglect of cybersecurity in the draft Critical Infrastructure Protection Regulations.

An effective South African cybersecurity strategy calls for more than just paperwork — it requires investment in robust capabilities for identifying and attributing cyberattacks, regardless of whether they target public or private sectors. Moreover, the government needs to address the significant cybersecurity skills deficit in the country proactively. Increasing investment in cybersecurity capabilities is not a question of budget allocation, but rather a necessary step to ensure the economic stability and safety of both public and private sectors in South Africa.