South Africa has always held the acclaim of being one of the continent's largest economies and is still the most diversified economy in Africa. With the eyes of the world focused on South Africa in 2025—owing to its G20 presidency—there are significant expectations that the country will resolve its economic issues and position itself as a digital economy from which the world can learn lessons. However, MANCOSA points out that this expectation may be more challenging than many believe.
"It is true that South Africa is a significant role player in digital connectivity on the continent. However, we are one of the most targeted countries in the world in terms of cybercrime, and while we have developed a legal framework that can deal with cyber risks, is this framework agile enough to pivot in line with growing trends?" asks Trisha Govender, Manager: MANCOSA School of Information and Digital Technology (SIDT).
Ransomware and digital extortion on the rise in Africa
According to the 2024 Interpol African Cyberthreat Assessment Report (which reflects on 2023 digital trends), the INTERPOL member countries identified ransomware and digital extortion as one of the most serious cyber threats faced by the African continent. Such attacks are of particular concern due to their high financial impact, their ability to severely disrupt critical infrastructure and essential services, and the harm they can cause to the organisations and individuals affected.
The volume, frequency, and impact of ransomware attacks continue to grow in Africa. Research from cyber security firm Check Point suggests that, on average, one out of every 15 organisations in Africa experienced a ransomware attempt every week during the first quarter of 2023. This is even higher than the global weekly average—about one in every 31 organisations.
During a single week in February 2023, INTERPOL private partner Kaspersky detected over 300 cases of ransomware attempts in South Africa, which illustrates the increasing frequency of attacks. The financial impact of attacks also appears to be on the rise: according to IBM, the average ransomware attack cost in 2023 was $5.13 million—a 13% increase over 2022.
"We are eagerly awaiting the release of the 2025 edition of the Report that will provide an overview of the 2024 digital threat landscape, due in April. While we wait, it is important to note that Africa remains a low-hanging fruit for cybercriminals, so the threat landscape will likely increase," warns Govender.
According to the 2024 report, ransomware, business email compromise (BEC), and other online scams were the fastest-growing cyber threats in 2023. This aligns with 2024 statistics from secureframe.com that BEC accounts for 24-25% of financially motivated attacks. 77% of BEC attacks target employees outside of finance and executive roles, while one in five BEC attacks target sales employees.
"As you can see, the threat landscape is relentless," adds Govender, which has also been highlighted by the Southern African Fraud Prevention Service (SAFPS), which points out that technology is becoming central to the majority of fraud cases and scams in the region.
Addressing the problem
South Africa has been aware of the cyber threat landscape for several years, and the issue has been highlighted by specialist commentators such as MANCOSA since 2020. However, the country is far from addressing the issue head-on. Govender points out that while laws like the Cybercrimes Act (2021) and POPIA (2021) are in place, weak enforcement, skills shortages, infrastructure vulnerabilities, and limited threat intelligence sharing leave the country exposed to cyber risks.
She adds that some key risks include weak enforcement regarding cybercrimes, exacerbated by under-resourced law enforcement and slow cybercrime prosecutions. Another significant issue is the vulnerability of critical infrastructure, such as healthcare, energy, and government systems, which lack mandatory cybersecurity regulations. This was highlighted in the 2024 cyber-attack on the National Health Laboratory Service (NHLS), which crippled the only government laboratory processing lab in the country.
"A way to address the first challenge highlighted above is to increase funding around cyber enforcement and create specialised cyber prosecution units such as the ones found in Europe. Addressing the second problem involves enforcing cybersecurity standards for critical infrastructure/sectors," says Govender.
Who does the response to cyber risks fall upon? Government, companies, individuals, or a combination of these parties?
"Cybersecurity is a shared responsibility between Government, companies, and individuals. From a Government perspective, they need to enforce cyber laws, develop a national cybersecurity strategy, and strengthen critical infrastructure protection. Companies must implement strong cybersecurity policies, invest in cybersecurity training for employees, and collaborate with the Government on threat intelligence sharing. Finally, individuals need to practice cyber hygiene (strong passwords, avoiding phishing scams), remain informed about online threats and report cybercrimes and suspicious activities to relevant authorities. Lobby groups and opposition political parties then need to put pressure on the Government to become stricter about enforcement," adds Govender.
A cloud with a silver lining
While the cyber threat is ever present and South Africa lacks stringent cyber policies, Govender believes that the country can build itself up to becoming one of the most prominent digital economies on the continent.
"South Africa has a strong tech ecosystem, growing AI and fintech sectors, and government-led digital initiatives; however, its cybersecurity infrastructure is too weak to support a globally competitive tech economy. What Needs to Change? Outside of the abovementioned measures, we must invest in cybersecurity education and retain skilled professionals. The Government needs to mandate cybersecurity compliance for critical infrastructure and industries, and South Africa needs to improve government-business cybersecurity collaboration. If we can achieve this, we can look at the business sector and adapt laws to encourage digital entrepreneurship," says Govender, who adds that South Africa is actively promoting itself as an investment hub, leveraging tech innovation and industrial growth. However, we must be aware of geopolitical challenges and cybersecurity readiness, which will impact our ability to attract long-term investment.
