Big threat to South Africa’s financial system

The South African Reserve Bank (SARB) warned that cyberattacks pose an ever-present risk to South Africa’s financial stability and could have far-reaching consequences for the country’s financial sector.

The Reserve Bank released its first Financial Stability Review of the year, which highlighted some major risk factors for the country’s economy, including cybersecurity.

“The financial sector has to deal with and ward off cyberattacks on a daily basis,” the SARB explained.

“A successful attack on critical financial infrastructure has the potential to disrupt the payment, clearing and settlement system, with potentially far-reaching consequences.”

Ransomware attacks threatened both critical infrastructures and enterprises during 2023, with 78% of South African organisations reporting a ransomware attack between January and March 2023, up from 51% in 2022.

A cyberattack’s ability to cause a systemic event was recently seen in Lesotho. On 12 December 2023, Lesotho’s central bank announced that a cyber-incident the previous day had caused it to suspend some of its systems, interrupting interbank and international payments.

The fact that cyberattacks are borderless and can come from anywhere makes them even more difficult to deal with.

Notably, state-sponsored cyberattacks also increased, and according to the Reserve Bank, these attacks may be even more harmful “as they may be politically motivated and intended to disrupt financial systems, rather than being aimed at financial gain”.

The Reserve Bank said data on attempted cyberattacks on domestic financial institutions remain scarce.

“However, financial institutions and regulators are working collaboratively on incident reporting, monitoring and response structures, which should result in a clearer view of the domestic threat landscape once implemented,” it said.

Cyberattacks leave businesses and individuals vulnerable to having their money and data stolen.

Earlier this year, the Companies and Intellectual Property Commission database was hacked, exposing South African business owners’ usernames, passwords, credit card details, and other sensitive information.

MyBroadband reported that the compromised data included usernames, passwords, ID numbers, full names, physical addresses, and even credit card details.

In March, Nampak was also hit by a cybersecurity attack, announcing on 20 March that an unknown third party gained access to its IT systems, notwithstanding its “robust and embedded security protocols”.

“Due to the continuous nature of cyber-risk, persistent vigilance and the improvement of cyber defences remain crucial,” the Reserve Bank said.

“This includes implementing fundamental security hygiene practices, such as enabling multifactor authentication; applying zero-trust principles; using extended detection and response as well as anti-malware staying up to date, for instance with patching version control across all systems; and implementing data protection and management.”

Defending against hackers

Allan Gray IT security manager Werner Lunouw explained how South Africans can protect their devices against hackers.

“Regularly upgrade your anti-virus and security software,” he said.

“Ensure that you install the latest security upgrades to your device’s operating system, applications and browser. Use reputable anti-virus software and anti-spyware and ensure that you update it on a daily or at least weekly basis.”

he also urged South Africans to install a personal firewall that restricts external devices from accessing their devices.

“You should also ensure you protect your passwords and devices. Set passwords that are at least 10 characters long and use a combination of numbers, symbols and lower and upper case letters. Avoid obvious passwords, e.g. ‘password1’, and change your password regularly,” he said.

“Never save your password when prompted by your browser. Write your password down or store it in a password vault.”

Lunouw also warned about phishing scams, where sophisticated scammers often try to impersonate financial services providers in an attempt to get hold of someone’s personal information.

“You should always be alert when interacting with emails that seem unusual or request you to take any kind of action,” Lunow said.

This includes not clicking on links from unknown or unreliable sources, checking that the emails you receive are sent from a trustworthy source, and analysing the accuracy of the spelling of the email address.

Scammers may use an email address that looks very similar to a trusted email address. Make sure to verify the email address and not just the display name, he said.

“When you hover over the display name, the email address should match or be very similar. Spoofing scams may use a display name that looks familiar to you, but the email address will often be vastly different.”


Top JSE indices