Small Business
Enterprise
Home > 
insights > 
three reasons why sa needs the cybercrimes act cybercrime statistics

3 Reasons Why SA Needs the Cybercrimes Act – Cybercrime Statistics

July 16, 2021 by Sam Strand

South African president Cyril Ramaphosa signed the Cybercrimes Act 19 of 2020 into law on the 26th of May 2021, and it has been legally enforceable since the 1st of December 2021.

Cybercrime costs the global economy over one trillion dollars every year.  It is essential to understand the gravity of this threat and the legislation designed to fight it. 

Cybercrime Definition 

Broadly, cybercrime refers to criminal activity that uses a computer, a computer network or a networked device to commit crime, or a criminal activity that targets them to in order to commit crime (such as hacking). Cybercriminals can be individuals or organizations, and cybercrime spans many different industries. However, the exact definition of cybercrime is determined by national legislation and therefore varies from country to country.

Types of Cybercrime 

National definitions of cybercrime determine what the different types of cybercrime are. South Africa’s Cybercrimes Act adopts a fairly broad definition, which includes, but is not limited to:

  • The unlawful access/interception of data (commonly known as hacking);
  • The possession of illegal tools used in the commission of cybercrimes;
  • Illegal interference with software/hardware systems; cyber fraud;
  • Cyber forgery;
  • and malicious communications (a broad term that includes the distribution of data messages with the intention to cause property damage, incite violence, or threaten a person or group of persons).

The Act’s broad definition of Cybercrime gives it a wide scope of action and allows it to encompass issues that range from online abuse to organized crime, such as forgery and theft of incorporeal property. Additionally, the Act’s definition of a ‘person’ as both natural and juristic means that the legislation can be applied to both ordinary citizens and organisations.

Why South Africa Needs the Cybercrimes Act 

1. South Africa’s Cybercrime Legislation was Deficient 

Until the enactment of the Cybercrimes Act, South Africa had been forced to rely on the outdated and deficient Criminal Procedure Act which failed to provide a proper definition of cybercrime – a serious issue that undermined efforts to criminalize and prosecute digital crimes. 

Thankfully, the Cybercrimes Act modernises South Africa’s approach to cybercrime – the Institute for Security Studies even praised the Act, saying that it “signals the country’s commitment to global cyber security.” Another vital law was POPIA, which modernized South Africa’s data privacy laws. Contrasting POPIA against other such legislation reveals interesting clues as to the future of data privacy – most noteworthy are China’s clearly stated ambitions to shape global standards for personal information protection. 


2. Ignorance of Cyber Threats 

A report by Accenture found that South Africans remained dangerously ignorant and misinformed of cyber-related crime and threats. South Africans are generally inexperienced internet users who fail to adequately protect themselves online. This ignorance means that many South Africans are careless and prone to scams, phishing, and hacking. 

By providing a clear definition of cybercrime and shining a spotlight on the issue, legislation like the Cybercrimes Act helps to increase the diligence of the public and businesses when socializing, working and transacting online. 


3. Sky-High Cybercrime Statistics Worldwide and SA’s Reputation as a “Testing Ground”

Cybercrime statistics worldwide have grown to reach shocking new heights. According to a 2020 report by McAffee, cybercrime costs the global economy $945 billion every year – a 215% increase compared to 2013. If the additional costs of fighting cybercrime are considered, then cybercrime costs the global economy over $1 trillion a year.  

South Africa is no exception to rising levels of cybercrime. A 2020 report by Accenture identified and reported on cybercrime trends in South Africa. As of 2020, South Africa has the third-highest number of cybercrime victims in the world.  The report also noted that since 2016, South Africa has garnered a reputation for being an easy target for cybercrime – an issue which has gotten so bad that South Africa has become infamous as a testing ground for malware before it is deployed in other nations. 

These statistics reflect South Africa’s global status as a hotspot for economic crime. Since 2009, the country’s incident rate has been, on average, 27 percentage points higher than the global average. In 2020, South Africa was tied with China for the country with the highest reported incident rate of economic crime.  


Why Regulatory Compliance, Risk Management and Due Diligence are so Important  

A survey by Kaspersky on global IT security found a worrying trend of ignorance and unpreparedness. Although 91% of respondents had been victims of a cyber-attack in the last year, 45% were unprepared for dedicated cyber-attacks, while 30% had not implemented anti-malware software. 

This trend of vulnerability is mirrored in the corporate response to economic crimes such as vendor fraud. Although fraud by business partners accounted for 46% of the most disruptive economic crimes against businesses, 24% of respondents had no third-party due diligence or risk monitoring program whatsoever, even though 20% of respondents cited vendors/suppliers as the perpetrator of their most disruptive financial crime incident. 

If businesses want to operate in an environment free from crippling economic crime, this discrepancy must be addressed with the adoption of comprehensive due diligence and risk management programs.  

As South Africa’s leading provider of world-class due diligence and remote-onboarding solutions, ThisIsMe is proud to be at the forefront of a trust-based and privacy-compliant digital world. To experience our full suite of advanced due diligence services, contact our team here