An Analysis of Cyber-Incidents in South Africa

Abstract

Cybersecurity concerns are present in all nations, but the exact nature of the threats differs depending on the country and/or region. Therefore there is a need to assess the threats and impacts for specific countries. This article presents a high-level analysis of “newsworthy” cyber-incidents that affected South Africa. The 54 incidents that are considered are categorised according to impact type, perpetrator type, and victim type, and the trends are assessed. It was found that the most common impact type was data exposure, which was also one that had increased noticeably in recent years. The most prevalent perpetrator type was found to be hacktivists, which had also exhibited a recent increase in activity. A particularly concerning trend was the recent high number of incidents of data exposure caused by error, a trend running contrary to the drive to improve cybersecurity. It was also found that of the incidents considered, 54% targeted state-owned or political entities as victims. In general, the results appeared consistent with global reported trends.