Cyber Security and The South African Financial Industry During Covid-19

The report below will examine cyber threats to the local and international financial industry during the Covid-19 pandemic and what impact it has on the safety, security and livelihoods of consumer and customer data in a time where financial sustainability is anything but certain.


Cyber Security and The South African Financial Industry during Covid-19


The international Covid-19 pandemic has resulted in both individual users and collective entities transferring financial statements and activities online. At the same time, a number of individuals that has never been exposed to online banking and digital statements were inadvertently forced to contactless payments and digital cash transfers in an active attempt to comply with social distancing and isolation practices. Similarly, banking and call centre employees affiliated to financial institutions were compelled to work from home with new software and official workstations. 


Did You Know?


According to findings by VMware Carbon Black, international financial organisations were subjected to a 238% increase in cyber-attacks between February and April 2020, which was closely followed by similar attacks on the international healthcare and pharmaceutical sectors. Ironically, the notable increase in attacks coincided with international news such as the first confirmed American Covid-19 infection, the country’s first death, and the World Health Organisation effectively declaring a pandemic. This trend is noted due to the fact that international developments often provide expedient bait for phishing emails.


Most concerning was the contemporary trend that a number of financial institutions reporting that they had been targeted by destructive attacks designed to cause maximum damage, as opposed to malware or attacks eliciting a ransom payment.


Similarly, attacks transcended the digital landscape to the physical terrain by implementing social engineering and advanced tactics to exploit not only the human factor, but also existing weak links caused by processes and technologies in use by the supply chain.


At the same time, although not classified as cyber-attacks, the increasing number of individuals losing their employment, the South African Social Security Agency (SASSA) and Unemployment Insurance Fund (UIF) were suddenly inundated with requests for financial assistance. This resulted in both entities’ online infrastructure buckling under the number of unprecedented demands and growing number of beneficiaries.

The South African UIF website affiliated to the South African Department of Labour could not process the unprecedented number of requests and resulted in individuals being unable to submit claims to the Department of Labour’s Covid-19 relief fund forcing applications to be put on hold for May 2020. This challenge has been resolved in the interim.


SASSA was similarly challenged by an unforeseen technical glitch in its payment system leaving approximately 450 000 social grant beneficiaries unable to collect their much needed financial assistance and approximately more than 435 000 individuals receiving double payments. Luckily the glitch was fixed and beneficiaries were able to financial assistance, but Government relied on individuals receiving double payments in disclosing and paying back the money to the social grant provider.  

What Can We Do?

Aside from training, banks and financial institutions can mitigate its risk of attack and exploitation in three distinct and encompassing ways. First and foremost, strong corporate governance, cyber-security frameworks, policy enforcement and reporting need to be implemented. Secondly, risk prevention and response, and recovery readiness. And finally, information-sharing with other financial institutions and adoption of international standards and regulatory oversight is imperative.

CSI provides sector specific, corporate and awareness training to build a cyber security culture and to ensure a safe organisation.