South Africa: Serious About Cyberwarfare

Uploaded on 2015-02-23 in NEWS-Cybersecurity News, GOVERNMENT-National

Shortly after 9/11, the South African government introduced measures to fight terrorism in the country, including a Bill allowing the monitoring and interception of communications. It became the Regulation of Interception of Communications and Provision of Communication-Related Information Act (Rica) of 2002. This replaced the Interception and Monitoring Prohibition Act of 1992, which did not deal adequately with technological advances.

Rica regulates interception of communications, including Internet traffic, making it illegal for communications to be intercepted except according to the Act. This provides for a designated judge to issue interception directions requested by the defence force, intelligence services or police, on crime-related or national security grounds and then interception directions are undertaken by the Office of Interception Centres (OIC). The Act requires all communications networks to be capable of surveillance. It places the obligation on all service providers to assist the state in monitoring and intercepting communications. It obliges service providers to store communication-related information at their own expense. All cellphone users must register their SIM cards and provide proof of residential address and identity numbers.

But, argues Privacy International, the grounds for issuing interception directions are too vague: the judge merely needs to be satisfied there are reasonable grounds to believe an offence has been, is being or will be committed. This may not be constitutional: it allows law enforcement officers to speculate. There is no provision in the Act for people whose communications have been intercepted to be informed once the investigation is completed, or if the judge turns down the application for an interception. A key flaw in South Africa's law is lack of public oversight. The public is provided with too little information to monitor whether the Act is achieving its intended results: to fight off genuine threats to national security.

Significantly, the Act does not cover intelligence from foreign signals, or intelligence derived from communication from outside South Africa, whether it passes through or ends in the country. These signals can be intercepted without a direction. These developments strongly suggest that South Africa is serious about developing its cyberwarfare capabilities, and is willing to put copious resources into this effort, in spite of the dubious reasons for doing so.

Jane Duncan is a professor in the department of journalism, film and television at the University of Johannesburg. This is an edited extract from her new book The Rise of the Securocrats: The Case of South Africa, published by Jacana Media            ein news    academia edu

« Big Money: The US Intelligence Budget
Understanding digital intelligence from a British Perspective »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

edgescan

edgescan

edgescan is a cloud-based continuous vulnerability management and penetration testing solution.

Secusmart

Secusmart

Secusmart provide highly secure and encrypted speech and data communication solutions.

DTS Solution

DTS Solution

DTS Solution delivers advanced cyber security solutions through is technology partnerships with industry leading security vendors and advanced consulting services.

Truepic

Truepic

Truepic provides technologies that prevent fraud, identity theft, misinformation, and disinformation caused by generative, manipulated, or deepfake digital content.

Altron

Altron

Altron provides locally relevant innovative and integrated ICT solutions to business, government and consumers.

CRI4DATA

CRI4DATA

CRI4DATA's mission is to help organizations build their resilience to cyber risk.

TruNarrative

TruNarrative

TruNarrative provides a unified solution for Identity Verification, Fraud Detection, eKYC, Risk Assessment, AML Compliance and Account Monitoring.

IberLayer

IberLayer

IberLayer is the company behind the Email Guardian service, a cloud based Email Total Protection system that filters and blocks email threats.

Prompt

Prompt

Prompt supports the creation of partnerships and the setting up of industrial-institutional applied R&D projects for all ICT sectors.

Gorodissky IP Security

Gorodissky IP Security

Gorodissky IP Security is a comprehensive approach to protecting your intellectual property on the Internet and beyond.

Munich Re

Munich Re

Munich Re is a leading global provider of reinsurance, primary insurance and insurance-related risk solutions including Cyber.

INVISUS

INVISUS

INVISUS protects businesses against the latest cyber risks – including business and employee identity theft, data breaches, and cybersecurity compliance.

Internet Security Research Group (ISRG)

Internet Security Research Group (ISRG)

ISRG's mission is to reduce financial, technological, and educational barriers to secure communication over the Internet.

Lumifi

Lumifi

Lumifi provide end-to-end cybersecurity resilience solutions with a specialty in managed detection and response (MDR) services.

DataPatrol

DataPatrol

DataPatrol is a software company, specialized in providing Security and Privacy of company’s data and information in an evolved way.

Career Smarter

Career Smarter

Career Smarter offers accredited online courses in cybersecurity and other sectors, helping learners gain industry-recognised certifications.