News

Industries

Companies

Jobs

Events

People

Video

Audio

Galleries

My Biz

Submit content

My Account

Advertise with us

Cybercrimes Act: What you need to know

In June this year, South Africans got yet another taste of how destructive criminal cyber attacks can be. As the month drew to a close, the National Health Laboratory Service (NHLS) fell victim to a ransomware attack. The incident delayed the processing of millions of blood samples, affecting waiting times for patients, and by mid-July, the service’s IT systems still had not been restored.
Image source: Gleb Shabashnyi –
Image source: Gleb Shabashnyi – 123RF.com

It was the latest example of how cybercrime has become a growing problem for the public and private sectors alike. In fact, data released by cybersecurity firm Check Point shows that there has been a 37% increase in cyber-attacks across Africa over the past 12 months. The scope of cybercrime is also increasing and covers everything from online versions of traditional crimes such as fraud, theft, extortion, and child pornography as well as crimes which became possible as a result of computer usage such as hacking, phishing, and piracy, among others.

While organisations should always do everything in their power to prevent and mitigate these attacks, it is also important that they understand what legal protections are available to them. In South Africa, the most relevant piece of legislation is the Cybercrimes Act No. 19 of 2020. Officially signed into law on 1 December 2021, the Act is a comprehensive legislative response to the evolving landscape of cyber threats in South Africa. The Act’s effectiveness, however, relies on enforcement and that, in turn, relies on several factors, including implementation, international cooperation, and collaboration between the public and private sectors.

Understanding the Cybercrimes Act

Before taking a deep dive into what those factors are and how they can come together, it is worth understanding a little more about the Cybercrimes Act.

The primary objective of the Act is to create provisions and criminalise various forms of cyber-related crimes and establish mechanisms for the investigation, prosecution, and prevention of cybercrimes. It encompasses a wide range of illicit activities, including, among others, unlawful access, unlawful interception of data, unlawful interference with data and computer programs/systems as well as cyber fraud.

It additionally sets out provisions addressing cybercrimes and penalties for those found guilty of committing them. This means that individuals who engage in activities such as malicious hacking or spreading software viruses can face fines or even imprisonment. Another key aspect of the Act is that it provides for extraterritorial jurisdiction. In this respect, it provides South African courts with the power to deal with both cybercrimes perpetrated within South Africa as well as those that affect South African interests, even if they may occur outside the country.

Making the Act effective

Ensuring the effectiveness of the act relies on several factors coming together. These include:

Enforcement and implementation: Successfully enforcing and implementing the Act depends on the capacity and readiness of law enforcement agencies, the judiciary, and other relevant stakeholders to meaningfully deal with cybercrimes. Ensuring that these stakeholders have adequate training, resources, and cooperation is crucial to the effective execution and enforcement of the Act. Providing law enforcement with the necessary tools and knowledge to handle cybercrimes efficiently is therefore essential.

Technological advances and adaptability: Cyber threats evolve very rapidly, necessitating continuous updates and amendments to the legislative framework to keep up with emerging challenges. The broad scope of the Act covers various forms of cybercrimes which helps address many contemporary threats. Ensuring that the legislation remains relevant and effective in combating new types of cyber threats, means that periodic reviews and amendments must be made to the Act. This ongoing legislative oversight and the incorporation of new provisions will help in accommodating advancements in technology and changes in cybercrime tactics and risks.

International cooperation: Given the global nature of cyber threats, international cooperation is essential for effectively combating cybercrimes. The Act facilitates collaboration with foreign counterparts through mutual legal assistance treaties and information-sharing mechanisms. By working together with other countries, South Africa can enhance its ability to track and apprehend cybercriminals who operate across borders. This cooperation involves sharing intelligence, coordinating joint investigations, and providing legal support, ensuring that cybercriminals are brought to justice, regardless of where they are located. Strengthening international partnerships helps to build a global network of defense against cyber threats, making it harder for criminals to exploit jurisdictional boundaries.

Public-private sector collaboration: Collaboration between the government, the public sector, and the private sector is vital for a comprehensive approach to cybersecurity. The government plays a critical role in setting policies, regulations, and standards to safeguard national infrastructure and data. The public sector, including law enforcement agencies and regulatory bodies, provides expertise and resources for cybercrime prevention and response. The private sector, comprising businesses and organisations, meanwhile contributes valuable insights, innovations, and investments in cybersecurity solutions, fostering a collective effort to address cyber threats effectively. This collaboration ensures that cybersecurity measures are robust, coordinated, and aligned with the needs of all stakeholders, which ultimately enhances the resilience of the digital environment.

Addressing growing threats

Cybercrime poses a growing threat worldwide as technology advances. South Africa’s Cybercrimes Act represented a proactive response to that threat. Its ongoing effectiveness, however, hangs on robust enforcement, technological advancements, adaptability, civil freedom protection, international cooperation, and public-private collaboration. By addressing these key aspects, South Africa can strengthen its resilience against cyber threats and foster a safer digital environment for its citizens, businesses, and the economy at large.

About Zaakir Mohamed and Shuaib Vahed

Zaakir Mohamed (Director, Head of Corporate Investigations and Forensics) and Shuaib Vahed (Legal Intern, Corporate Investigations and Forensics) at CMS South Africa
Let's do Biz