Wave of supercharged cyberattacks will hit South Africa within 5 months, expert warns
South Africa has at most five months to prepare for a wave of cyberattacks targeting local organisations driven by the increased popularity and performance of AI models.
Justin Lee, vice president for Sub-Saharan Africa at international cybersecurity firm Palo Alto Networks, explained that advancements in AI are only going to increase the rate of these incidents.
“We estimate a three-to-five-month window for organisations to get ahead of attackers before AI-driven exploits become more widespread,” he said.
In the last three months, numerous South African companies have experienced cyber incidents, including Pick n Pay, Standard Bank, Adumo and Esquire.
These companies were joined by major breaches involving the Gauteng Provincial Government, Statistics South Africa, and the African National Congress (ANC).
Lee said that the capabilities of AI models, like Anthropic’s Mythos, are not overstated. “If anything, these models are more capable than first understood.”
He said that the shift for cybercriminals already embracing AI was clear for South Africa, with the company now among the top 20 worldwide for cybercrime complaints as of last year.
“AI-driven attack capability changes the economics for attackers. What once required skill, time, and resources can now be done faster, more cheaply and at a greater scale,” he said.
“We have moved from a world where AI assists attackers to one where AI can drive attacks autonomously, and the pace of change means traditional security approaches need to evolve quickly.”
Lee said Anthropic’s latest AI models were being used worldwide to find system vulnerabilities and prevent potential exploits.
Palo Alto was a launch partner of Project Glasswing, Anthropic’s limited release of Mythos, which it said was its most powerful model yet for coding and development.
Lee said Palo Alto has extended its testing to include advanced AI models from companies like Anthropic and OpenAI, including Claude Opus 4.7 and GPT 5.5 Cyber.
“The scale of what these models can find is telling. Testing that previously took a full year can now be completed in days,” he said.
AI making it 1,400% easier to find security flaws
In one of the company’s most recent patches, Lee explained that the majority of security findings were discovered by these advanced AI models scanning code.
He said they identified 75 security flaws across 26 vulnerabilities, compared to a typical monthly volume of fewer than 5. This represented a 1,400% increase in capability.
Bijan Sanii, CEO of Canadian fraud detection provider Inetco, told MyBroadband that South African institutions, including its banks, should be concerned about the power of AI-driven cybercrime.
“Not because Mythos is necessarily being used in fraud scams and bank fraud schemes today, but because it signals where the cyber threat environment is heading,” he said.
“The issue is that AI is accelerating the discovery, testing and potential weaponisation of software weaknesses.”
In May, a small team of cybersecurity researchers found an active, exploitable vulnerability in Apple’s famous Mac cybersecurity protection, which had never been breached.
Apple reportedly spent five years building the protection system, which the researchers were able to find an exploit to breach in just one week.
The advantage was Mythos, which helped the researchers accelerate their efforts and find methods to crack Apple’s hardware-assisted memory safety system.
“Memory corruption remains the most common vulnerability class everywhere, including iOS and MacOS,” the researchers explained previously.
“In security, if you can’t fully prevent something, you mitigate it by making exploitation more expensive.”
They explained that part of their motivation was to test the limits of the best AI models in cybersecurity, especially in coding.
The danger was that while cybersecurity experts used AI to find vulnerabilities before bad actors did, the other side of the fence was investing in AI too.
Threat actors employed their own large language models to identify the most vulnerable processes and systems to attack.
Check Point Software security engineering head for Africa, Ian van Rensburg, said that threat actors are now using AI as “mega hacking” assistants.
“Hackers are using AI, and their attacks are now at the speed of a machine and not a human. These things get exploited very quickly,” he said.
Loading ...