South Africa: Serious About Cyberwarfare

Uploaded on 2015-02-23 in NEWS-Cybersecurity News, GOVERNMENT-National

Shortly after 9/11, the South African government introduced measures to fight terrorism in the country, including a Bill allowing the monitoring and interception of communications. It became the Regulation of Interception of Communications and Provision of Communication-Related Information Act (Rica) of 2002. This replaced the Interception and Monitoring Prohibition Act of 1992, which did not deal adequately with technological advances.

Rica regulates interception of communications, including Internet traffic, making it illegal for communications to be intercepted except according to the Act. This provides for a designated judge to issue interception directions requested by the defence force, intelligence services or police, on crime-related or national security grounds and then interception directions are undertaken by the Office of Interception Centres (OIC). The Act requires all communications networks to be capable of surveillance. It places the obligation on all service providers to assist the state in monitoring and intercepting communications. It obliges service providers to store communication-related information at their own expense. All cellphone users must register their SIM cards and provide proof of residential address and identity numbers.

But, argues Privacy International, the grounds for issuing interception directions are too vague: the judge merely needs to be satisfied there are reasonable grounds to believe an offence has been, is being or will be committed. This may not be constitutional: it allows law enforcement officers to speculate. There is no provision in the Act for people whose communications have been intercepted to be informed once the investigation is completed, or if the judge turns down the application for an interception. A key flaw in South Africa's law is lack of public oversight. The public is provided with too little information to monitor whether the Act is achieving its intended results: to fight off genuine threats to national security.

Significantly, the Act does not cover intelligence from foreign signals, or intelligence derived from communication from outside South Africa, whether it passes through or ends in the country. These signals can be intercepted without a direction. These developments strongly suggest that South Africa is serious about developing its cyberwarfare capabilities, and is willing to put copious resources into this effort, in spite of the dubious reasons for doing so.

Jane Duncan is a professor in the department of journalism, film and television at the University of Johannesburg. This is an edited extract from her new book The Rise of the Securocrats: The Case of South Africa, published by Jacana Media            ein news    academia edu

« Big Money: The US Intelligence Budget
Understanding digital intelligence from a British Perspective »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Identity Theft Resource Center (ITRC)

Identity Theft Resource Center (ITRC)

ITRC is a non-profit organization established to empower and guide consumers, victims, business and government to minimize risk and mitigate the impact of identity compromise and crime.

Duane Morris LLP

Duane Morris LLP

Duane Morris is a global law firm with offices in the USA, UK and Asia. Practice areas include Cybersecurity.

Cloudera

Cloudera

Cloudera provide the world’s fastest, easiest, and most secure data platform built on Hadoop.

Kaseya

Kaseya

Kaseya is a premier provider of unified IT management and security software for managed service providers (MSPs) and small to medium-sized businesses (SMBS).

ClearDATA

ClearDATA

The ClearDATA Managed Cloud protects sensitive healthcare data using purpose-built DevOps automation, compliance and security safeguards, and healthcare expertise.

DFLabs

DFLabs

DFlabs is a pioneer in Security Automation & Orchestration technology, leveraging your existing security products to dramatically reduce the response and remediation gap.

Massive Alliance

Massive Alliance

Massive is a global service agency providing internet monitoring, data & security threat surveillance and reputation management.

Hypori

Hypori

Hypori is a virtual smartphone solution that makes truly secure BYOD a reality for organizations in healthcare, finance, government, and beyond.

ECOS Technology

ECOS Technology

ECOS Technology specializes in the development and sale of IT solutions for high-security remote access as well as the management of certificates and smart cards.

Shieldfy

Shieldfy

Shieldfy is a cloud-based security shield for your website to protect it from cyber attacks and malwares.

SpyCloud

SpyCloud

SpyCloud is a leader in account takeover (ATO) prevention, protecting billions of consumer and employee accounts either directly or through product integrations.

Arctic Wolf Networks

Arctic Wolf Networks

Arctic Wolf Networks delivers the industry-leading security operations center (SOC)-as-a-service that redefines the economics of cybersecurity.

AgileBlue (Agile1)

AgileBlue (Agile1)

AgileBlue (formerly Agile1) is a managed breach detection company with an Autonomous SOC-as-a-Service for 24×7 monitoring, detection and guided response.

Yokai

Yokai

Yokai is a secure, distributed platform for data communication with enhanced security features tailored for classified environments such as finance, defence, healthcare, cybersecurity, and more.

Infrassist Technologies

Infrassist Technologies

We're Infrassist - a trusted white label Managed IT & Professional Services partner for MSP businesses.

Rankiteo

Rankiteo

At Rankiteo, we are pioneers in cybersecurity risk management. Our mission is to empower organizations with the tools they need to assess, enhance, and safeguard their digital landscapes.