VizStrat Solutions

07/06/2024

https://www.itweb.co.za/article/lack-of-national-cyber-security-strategy-puts-sa-at-risk/5yONP7ErkW1MXWrb

A thorough cyber security strategy would provide direction and outline the priorities of the various security laws, says advocate Jacqueline Fick.

22/11/2022

29/07/2022

Watch out for a a phishing email purporting to be from "Afrihost"!
I recently received an email from "Afrihost". It was off course late, a busy day and one does not pay much attention when you receive a notice "you have not renewed your domain". And it appears legit: the logo is there, colours are good and you do have a domain with that name.
Think before you act: no matter how busy you are, or if you were wondering if you did indeed pay the account as in my case don't just click on the link to follow up. If you want to confirm if you are indeed at fault go to the website itself in your browser and check if the content of the email is indeed correct. Or you could right click on the link, copy it and paste it into applications such as Norton Safe Web to check if the link is legit.
In the attached email I have highlighted some of the key giveaways: the email address and spelling - you instead of yours. The hyperlink in the email is also fake containing reference to "afrihost-clientzone" but so closely linked to the real address which contains “clientzone.afrihost ".
If you have clicked on such a link immediately change your password on the company's website and also notify the company in question about the mail that you received.
Such emails are usually aimed at getting you to depart with your personal information, or for you to pay for something (as was the case here). These are off course now offences under the Cybercrimes Act such as Section 7: Unlawful Acquisition, Possession, Provision, Receipt or Use of Password, Access Code or Similar Data or Device, Section 8: Cyber fraud, or even Section 9: Cyber forgery and uttering (with reference to the fake email).
Stay cyber safe!
#

15/07/2022

Section 26 of the Cybercrimes Act, No 19 of 2020 states that Standard Operating Procedures (SOPs) must be published within 12 months of the commencement of Chapter 4 of the Act: thus by 1 December 2022.

SAPS have invited all interested persons and organisations to submit written comments on the Draft Standard Operating Procedures by no later than 15 August 2022.

In terms of section 26 the SOPs must be observed by:
(a) the South African Police Service; or
(b) any other person or agency who or which is authorised in terms of the provisions of any other law to investigate any offence in terms of any law.

The investigation of offences included are:

(a) Any offence or suspected offence in terms of Part 1 or Part ll of Chapter 2 of the Cybercrimes Act; or
(b) any other offence or suspected offence which may be committed by means of, or facilitated through the use of, an article ("article" as defined in the Cybercrimes Act).

For any questions or training on the Cybercrimes Act, please contact VizStrat Solutions to discuss your cyber-related training needs!

05/07/2022

It was great presenting a session for the ACFE South Africa today on the South African Cybercrimes Act and the draft Standard Operating Procedures in terms of section 26 of the Act. I have been involved in the drafting of this important document and we are finally at the point where the document will shortly be published for public comment.

05/07/2022

What an excellent conference with topical issues discussed that affect cybersecurity and critical infrastructure. Well done — UN Institute for Disarmament Research on an excellent event. What stuck with me is the importance of cooperation and information sharing, how cybersecurity should be a set of values we live and believe in and the value of continued skills development and awareness. The sessions are also available on their LinkedIn page.

The United Nations Institute for Disarmament Research (UNIDIR) welcomes you to the 2022 Cyber Stability Conference: Protecting Critical Infrastructure and Services across Sectors (CS22).

29/11/2021

And so the day has come: the commencement date for certain sections of the Cybercrimes Act, No 19 of 2020 has been announced. On 1 December 2021 provisions relating to the definitions, offences, jurisdiction, certain of the provisions relating to search, access and seizure operations, evidence and provisions relating to capacity building will come into operation. (Note the exclusions though!)

If you are yet to familiarise yourself with the legislation, contact for training and awareness sessions for your organisation!

15/11/2021

I am both honoured and excited to be a speaker at the on 17 November 2021, where I shall be talking about the developments in South African legislation in the Workshop on the Global State of Cybercrime Legislation. This will be my second time as speaker at one of the Octopus Conferences and very excited to be sharing our South African experience with the rest of the world!

Specific legislation is the basis for criminal justice action on cybercrime and electronic evidence. Many governments around the world have undertaken legal reforms, often using the Budapest Convention on Cybercrime as a guideline. However, cybercrime legislation also needs to meet human rights and....

14/07/2021

So honoured to be speaking at the ISS webinar tomorrow where we shall be discussing the Cybercrimes Act. For those that want to register it is a free event!

How does the new legislation enhance the country’s crimefighting capability at home and abroad?

02/06/2021

The Cybercrimes Act, No 19 of 2020 was signed by the President yesterday. It has also now been published in the Government Gazette!

Get to know the Act, its implications and benefits: contact us today for specialised training courses on the Act and related matters.

https://www.linkedin.com/posts/jackyfick_the-cybercrimes-act-no-19-of-2020-activity-6805818727821529088-WYus

28/05/2021

In the cyber matters I have investigated we often found that cybercriminals run their operations like a sophisticated business. And RaaS has become a very profitable service offering. The article from makes for interesting reading.

Threat hunters weigh in on how the business of ransomware, the complex relationships between cybercriminals, and how they work together and hawk their wares on the Dark Web.

25/05/2021

According to major attacks between the end of 2020 and the beginning of 2021 point to a new attack chain - the triple extortion process. This technique involves putting pressure on third-parties linked to the victims, including service providers, company clients, and external colleagues, as they are massively impacted by data breaches resulting from ransomware attacks.

This technique involves third parties linked to the victims, including service providers, company clients, and external colleagues, as they are massively impacted by data breaches resulting from ransomware attacks.