Emergency: 0861 222 250 info@orchidrisk.co.za

South Africa remains vulnerable to cyberwarfare, despite a plan to protect the country against threats to its national security and commercial capability being put into motion almost eight years ago.

Cyberattacks have increased at a rapid rate, especially since the onset of the Covid-19 pandemic, which left many businesses vulnerable to incidents as work moved from secure offices and servers to homes.

The private sector isn’t the only target of global cybercriminals. South Africa’s state-owned rail, port, and pipeline company, Transnet, became a victim of a ransomware attack in 2021. The country’s justice department was also targeted later that same year. These attacks, focused on South Africa’s critical infrastructure, are expected to increase in frequency and veracity, according to technology experts.

Government approved the National Cybersecurity Policy Framework (NCPF) in 2012, making it official through a gazette three years later. This was developed “to ensure a focussed and an all-embracing safety and security response in respect of the cybersecurity environment.” The NCPF deals, among other cyber threats, explicitly with the issue of cyberwarfare.

“In order to protect its interests in the event of a cyber-war, a cyber defence capacity has to be built,” notes the NCPF.

“The department of defence and military veterans has overall responsibility for coordination, accountability, and implementation of cyber defence measures in the Republic as an integral part of its National defence mandate.”

It’s taken almost eight years for the department of defence (DOD) to finalise its Cyber Defence Strategy, and, during a recent parliamentary portfolio committee meeting, serious red flags were raised about the South African National Defence Force’s (SANDF) progress and preparedness.

Under the mandate of the NCPF, the DOD must create a unified Cyber Command aimed at protecting the National Critical Information Infrastructure (NCII). To do this, the SANDF must staff the Cyber Command, sign partnerships to obtain training, benchmarking standards, and technology transfers, and develop its overarching strategy.

So far, the SANDF has created a Cyber Command and, in developing its operational capabilities, has conducted a skills audit among members and provided in-post training.

The team is currently able to detect and identify cyber threats, according to the presentation delivered to parliament by the Command’s head, Brigadier General Mafi Mgobozi, and is developing its own database to better predict future threats. The Cyber Command also claims to “hunt for threats and stop the threats” as part of a proactive response.

But the Cyber Command’s effectiveness and progress have been marred by funding issues – impacting the SANDF as a whole – together with a lack of human resources and technological expertise.

The “Cyber Command is able to function, however not optimally,” noted the presentation.

The team charged with protecting South Africa from cyberwarfare targeting NCII has “not yet acquired suitable facilities due to funding” and “is accommodated at Defence Intelligence HQ with limited space.”

And while the Cyber Command claims to monitor external and internal threats, it hasn’t managed to achieve most of its other objectives, including digitising the military, cyber-weaponising the DOD, or properly developing research, development, and innovation capacity.

The “Cyber Command is currently partially operational since it is not yet fully capacitated,” according to the parliamentary presentation, with the SANDF highlighting major challenges.

Funding for equipment, training, and personnel is inadequate, with the Cyber Command even struggling to obtain proper software, blaming the “dollar/rand exchange”. Specialised training within the field of cybersecurity has also been hard to attain, said the Cyber Command, while the Cyber Defence Strategy and Structure, still to be approved, also remains a hurdle.

Article by www.businessinsider.co.za photo via www.unsplash.com