How R30 million in fraud was detected and the state of the South African Crime Unit
I am concerned.
I attended the Mimecast Human Firewall event, where Brigadier NT Pieterse, Section Head of the Electronic Crime Unit, presented the state of South Africa when it comes to cyber crime.
Several key themes emerged out of the presentation:
- The team is very understaffed. Whilst no specific numbers were given, it would seem the team consists of “more than 10” (but not much more – see pic on the right).
- It takes over five years to train an officer to be proficient in cyber crime investigation.
- Out of the cases the unit investigates, only a small percentage make it to court.
- The task of reporting a traffic accident or a burglary at the local police station is daunting enough, so explaining to the officer that someone hacked your email or website is just not going to happen.
So what does all the above mean?
Craig Rosewarne from Wolfpack says “It means that we are in a reactive state in South Africa. What we need is more collaboration between private and government, just like Israel has done. Israel is $50 billion smaller than South Africa but Israel is deploying cyber security tools constantly.”
Is it all doom and gloom?
No.
Brigadier Pieterse shared a case where, on 3 Jan 2012, a bank established that R42 million had been fraudulently deposited into 103 bank customer beneficiary accounts. This resulted in over R30 million being withdrawn in 5 437 ATM transactions. The bank’s normal ATM daily withdrawal limit is usually set at R1 000, yet it had been increased to R500 000.
The Electronic Crime Unit discovered that the cyber heist was committed in a sophisticated, organised fashion by a group of persons/syndicate/enterprise. The investigation positively identified 200 members of the syndicate operating in a number of countries. The unit embarked on an operation codenamed “Scams-R-Us”, which was made up of two legs. The first leg of Scams-R-Us was in May 2014 and saw a simultaneous take-down operation in SA, the US and Canada. The second leg of Scams-R-Us was in December 2014 and resulted in a simultaneous search, seizure and arrest operation in which UK law enforcement arrested a “target” at Heathrow, en route to South Africa, who had “an abundance of digital evidence”.
The National Cyber-security Policy Framework sets out the National Cybercrime Policy outlining the government’s approach to addressing cybercrime. The effective implementation of the Policy will result in:
- Reduction of direct harms of cybercrimes
- Increased public confidence in the safety and security of the cyberspace
- Public-private partnerships to combat cybercrime
“We will remain vulnerable to cybercrime at least until the National Cyber-Security Policy Framework (NCPF) is fully implemented.”
In South Africa, there is no obligation to report a company being hacked like there is in the USA. It seems that 9 out of 10 companies that have been hacked don’t make it public for fear of reputational damage. This means that our information is vulnerable and we have so little control over what we put out there.