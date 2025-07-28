South African government infrastructure faces about 3,312 cyberattacks every week, with cybercrime costing the country roughly R2.2 billion annually.

This is according to the Communications Risk Centre’s (Comric’s) Telecommunications Sector Report for 2025.

However, the report also highlights cybercrime’s impact on the private sector, with the average cost of a data breach reaching nearly R50 million in 2023.

Comric points to ransomware attacks as the most common. These typically involve attackers encrypting the victim’s data and extorting them for a decryption key.

Minister in the Presidency Khumbudzo Ntshavheni recently highlighted the increase in cybercrime incidents, particularly ransomware attacks.

Comric reported that approximately 78% of South African businesses experienced at least one incident in 2023.

Another common type of attack is a phishing scam where criminals attempt to manipulate targets into revealing sensitive information using social engineering techniques, costing the country R200 million in 2023.

Other common attacks include business email compromise, malware and exploits, and synthetic identity fraud, which has seen the most significant uptick, with attacks increasing by 153%.

Given the rise in cybercrime, companies have begun prioritising ways of mitigating these threats above all other risks, such as environmental risks, macroeconomic volatility, and societal risks.

Of the companies surveyed, 66% prioritised mitigating cyber risks, while half as many prioritised environmental risks and 18% emphasised dealing with macroeconomic risks.

Given this increase in demand, Comric says the domestic cybersecurity market is expected to reach a projected revenue of R73 billion by 2030.

For the public sector, South Africa is not alone in facing this scourge of attacks; other African nations are encountering similar problems.

Comric’s report said Kenya faces 4,719 weekly attacks on government infrastructure, Nigeria 4,718, and Moroccan government organisations a whopping 8,733 attacks a week.

This makes the North African country one of the most targeted nations on the African continent, with the government recently facing a state-sponsored cyberattack.

National Treasury attacked

South African government departments and entities have suffered several attacks in the past year. The National Treasury was the most recent victim.

It discovered malware on its Infrastructure Reporting Model website, which is its online reporting and monitoring system.

The government department indicated that the issue was related to the recent attacks on SharePoint, a widely used web-based platform developed by Microsoft for document management and collaboration.

The vulnerability that enabled these attacks let hackers access SharePoint servers and steal keys that allowed them to impersonate users or services.

Microsoft issued patches to fix the vulnerabilities, but researchers cautioned that hackers may have already gained access to many servers.

“Considering recent media reports since Sunday regarding security incidents affecting Microsoft platforms in the US, Treasury has requested Microsoft’s assistance,” Treasury stated.

The department said it had asked Microsoft to help identify and address potential vulnerabilities within its ICT environment.

It also said that although it found malware within one system, its other systems and websites continue to operate normally without any disruption.

Treasury said it processes over 200,000 emails daily and blocks around 5,800 security threats – including phishing attempts, malware infections, and spam attacks.

A few days after Microsoft first confirmed a critical and actively-exploited vulnerability, Bloomberg reported that South Africa was among the most-targeted countries in the attack.

Earlier in the year, the South African Weather Services was hit by a ransomware attack that took down its IT systems, including its website, emails, and aviation and marine services.

Other entities hit by cyberattacks in 2024 include the South African Social Security Agency and the National Health Laboratory Service.

The Government Pension Administration Agency and the International Trade Administration Commission of South Africa also suffered cyberattacks last year.