Cybersecurity Threats Persisted Through South Africa’s Elections

South Africa’s recent elections unfolded against a backdrop of heightened cybersecurity concerns, with the nation facing a surge in digital attacks that targeted critical infrastructure and businesses. The vulnerabilities in the country’s digital defences were laid bare by breaches at government agencies, including the Electoral Commission, in the run-up to the polls.

Reabetswe Motsamai, Marketing and Communications Manager at MakwaIT Technologies, had presciently warned: “These attacks, which may have compromised sensitive data like personal information or financial records, highlight the vulnerability of critical infrastructure and spotlight the urgent need for advanced threat prevention as the severity and frequency of attacks are expected to escalate.”

The threat landscape extended beyond the public sector throughout the election period. South African businesses continued to face an average of over 1,000 attacks per week, according to security firm Check Point. Despite 73% of organisations anticipating a disruptive cybersecurity incident within two years, only 7% were adequately prepared when the elections took place.

Citing the 2024 Cisco Cybersecurity Readiness Index, Motsamai had noted that cyberattacks were becoming “more sophisticated, widespread, and frequent – outpacing current business defences”. Her emphasis on the need for organisations to evolve their security measures continually proved pertinent as the election season unfolded.

With elections having taken place in South Africa and slated for 19 other African countries this year, Interpol‘s warning about two rapidly expanding threats – ransomware and business email compromise (BEC) – remained relevant throughout the electoral process.

Ransomware: A Persistent Threat

In the lead-up to the elections, 78% of South African companies had fallen victim to ransomware attacks, with high-profile targets including Porsche and TransUnion. These attacks, which encrypt vital data and demand payment for its release, were behind breaches at government agencies.

Concerningly, only 19% of organisations viewed ransomware as a significant threat in the year of the elections. This complacency was worrying, given that the average cost of a ransomware attack was estimated at $5.13 million.

Motsamai had advocated a multi-pronged approach to mitigate ransomware risks, including staff training, implementing robust email and endpoint security, deploying advanced malware protection, and regularly backing up critical data. These measures proved crucial during the election period.

AI-Powered Email Threats During Elections

Business email compromise, a sophisticated form of phishing, had nearly doubled in the year leading up to the elections, according to Mimecast’s 2024 State of Email & Collaboration Security report. Fifty-seven percent of South African companies had fallen prey to these attacks, including the Passenger Rail Agency of South Africa, which lost R30.6 million.

“BEC is swiftly becoming a major threat, especially with advances in AI making attacks more sophisticated and difficult to detect,” Motsamai had warned. This prediction held true as scammers exploited AI to impersonate legitimate contacts throughout the election season, attempting to trick companies into making unauthorised payments or redirecting funds.

To combat this threat, Motsamai had advised vigilance regarding unexpected payment requests, recommending verification of unplanned or urgent instructions through trusted contact channels and implementing email authentication tools. These precautions proved valuable during the heightened risk period of the elections.

Post-Election Cybersecurity Landscape

As anticipated, the cyber threat landscape in South Africa evolved beyond the elections, with attackers shifting focus from political agendas to financial crimes. The impact ranged from financial losses and reputational damage to regulatory fines and, in some cases, disruptions to national services.

Motsamai’s conclusion remained apt: “By implementing advanced threat prevention strategies and fostering a culture of cybersecurity awareness, public and private organisations can reduce their risk.”

As South Africa emerged from its electoral process, the nation’s ongoing cybersecurity readiness remains crucial in safeguarding its democratic institutions and economic stability in the face of persistent digital threats.

Read next: Cybercriminals exploit human error as biggest security flaw