A new Cybersecurity Bill is coming into effect later this year which aims to stop cybercrime and improve security for South Africans. SEAN DUFFY, Security Executive at Dimension Data Middle East & Africa, explains the basics of the bill.
A proposed new Cybercrimes and Cybersecurity Bill (Cybercrimes Bill) aims to stop cybercrime and to improve security for South African citizens. A draft of the Cybercrimes Bill was first released for public comment in August 2015, and submissions closed in December. The Bill is due to be presented to Parliament later this year.
Who is affected?
The Cybercrimes Bill affects everyone using a computer or the Internet, or anyone who owns an information infrastructure that could be declared critical. Among others, the following individuals and organisations should take note: ordinary South African citizens or employees using the Internet, network service providers, providers of software and hardware tools, financial services providers (the Bill includes prohibited financial transactions), representatives from government departments, those involved with IT regulatory compliance, as well as information security experts.
What are the offences and penalties?
The Cybercrimes Bill consolidates South Africa’s cybercrime laws, which makes successful prosecution of criminals more likely. Up until now, cyber offences were charged under various acts, among others the Prevention of Organised Crime Act, and the Electronic Communications and Transactions (ECT) Act of 2002. The ECT Act seemed to govern most online crime, but only included three cybercrime offences.
The Cybercrimes Bill defines over 50 new offences, and imposes penalties. Some of the offences detailed in the Cybercrimes Bill relate to the following:
· accessing personal data or interception or interference of data
· use of hardware, software and computer systems to commit offences
· acquisition, possession and provision, or receipt or use of passwords, access codes or similar data or devices
· prohibited financial transactions
· dissemination of data or messages which advocate, promote or incite hate, discrimination or violence
· copyright infringement
· computer-related offences pertaining to terrorist activity such as espionage, unlawful access to restricted data, as well as extortion (which includes unlawful acts in respect of malware pirates, fraud and forgery)
Penalties on conviction are quite severe. Penalties include fines of R 1 – R 10 million and imprisonment of one to ten years, depending on the severity of the offence. The nature of the crime determines the penalty.
The law also imposes obligations on electronic communications service providers, such as mobile networks, Internet service providers, and financial institutions, regarding aspects which may impact on cybersecurity. The Cybercrimes Bill is very specific in obligating these institutions to take steps in preventing cybercrime to protect consumers. It also imposes a fine of R 10 000 a day on organisations that fail to comply with the stipulations in the Cybercrimes Bill.
The Cybercrimes Bill regulates the powers to investigate, as well as aspects of international cooperation. The Bill also provides for the establishment of a 24/7 point of contact and various structures to deal with cyber security.
Gear up for the final law
Incidents will happen, but it’s how an organisation responds that matters. Government is working on establishing a legal mechanism for anyone to defend themselves against cybercrime. However, organisations need to be more proactive in their security through the use of services such incident response plans, real-time threat management, vulnerability management and managed security services.
“The Cybercrimes Bill provides legal backing for anyone to defend themselves in law against cybercrime.”
AppDate: DStv taps Xbox, Hisense for app
DStv Now app expands, FNB gets Snapchat lens, Spotify offers data saver mode, in SEAN BACHER’s apps roundup
DStv Now for Xbox and Hisense
Usage of DStv Now, the online DStv service available free to DStv customers, is increasing rapidly with more than two million plays of live and Catch Up content per week. In addition to using DStv Now to watch TV on tablets and smartphones, an increasing number of DStv customers are also opting to use it as their primary method of getting DStv on additional TVs in the house. This is set to increase with the release of two new big-screen TV apps, one for Xbox gaming consoles (Xbox One, Xbox One S, Xbox One X) and another for Hisense smart TVs (2018 and newer models).
Expect to pay: A free download.
Platform: Any of the Xbox One range of gaming consoles and 2018 or later Hisense smart TVs.
Stockists: Visit the store linked to your Xbox console or HiSense smart TV.
Santam Safety Ideas
Start-up businesses that have a FinTech or InsurTech business venture brewing are called to enter the third annual Santam Safety Ideas competition. Safety solutions or InsurTech ventures that are ready for piloting could win up to R150 000 worth of incubation support and R200 000 in seed funding.
The Safety Ideas competition was launched two years ago in partnership with LaunchLab, Stellenbosch University’s startup incubator that facilitates valuable connections for corporates and startups sourced from the startup ecosystem and partner universities in South Africa. The previous winners are Herman Bester and Anton Swanevelder, co-founders of MyLifeLine – a wearable panic device that won the competition last year; and Ntsako Mgiba and Ntandoyenkosi Shezi, co-founders of Jonga – a cost-effective security system for low income families, which won the competition in 2017.
Entries close on 28 February 2019. For more information on how to enter, visit: www.santam.co.za/safetyideas/
Click here to read about the FNB Snapchat lens, Spotify Free with data saver, and 00:37.
Fortnite fixes hackers’ hole
Epic Games has repaired a vulnerability that exposed Fortnite, the world’s most popular game of the moment, to hackers. The hole, which was left in Epic’s web infrastructure, allowed hackers to target players with email that appeared to come from Epic Games, but would have led them to a phishing site, where their log-in details would have been stolen.
Researchers at cyber security solutions provider Check Point Software alerted Epic to vulnerabilities that could have affected any player of the hugely popular online battle game.
Fortnite has nearly 80 million players worldwide. The game is popular on all gaming platforms, including Android, iOS, PC via Microsoft Windows and consoles such as Xbox One and PlayStation 4. In addition to casual players, Fortnite is used by professional gamers who stream their sessions online, and is popular with e-sports enthusiasts.
If exploited, the vulnerability would have given an attacker full access to a user’s account and their personal information as well as enabling them to purchase virtual in-game currency using the victim’s payment card details. The vulnerability would also have allowed for a massive invasion of privacy, as an attacker could listen to in-game chatter as well as surrounding sounds and conversations within the victim’s home or other location of play.
While Fortnite players had previously been targeted by scams that deceived them into logging into fake websites that promised to generate Fortnite’s ‘V-Buck’ in-game currency, these new vulnerabilities could have been exploited without the player handing over any login details
Click here to read how the Fortnite hack worked
To win a set of three Fortnite Funko Pop Figurines, click here.