Cyber-crooks sting South Africa for A$26m

A cyber-crime syndicate is believed to have defrauded the South African government of more than £12.8m in a series of spyware frauds.

A cyber-crime syndicate is believed to have defrauded the South African government of more than £12.8m (A$26m) in a series of spyware frauds.

The crimes were revealed by the South African Minister for Finance and Economic Development, and have resulted in 32 arrests in connection with more than 80 separate fraud counts.

The case is thought to be South Africa's largest reported cyber-crime spree by a single gang.

Geoff Sweeney, chief technology officer at IT security vendor Tier-3, said that spyware attacks are notoriously difficult to stop owing to their unpredictable nature.

"The evolution of malware has reached the point where the lines are blurring between viruses, Trojans and what we call multi-vector IT security threats," he said.

"These fraudsters appeared to use a sophisticated combination of attacks that consisted of a physical device and a malware component, as witnessed by the fact they have been getting away with their crimes for nigh on three years."

Sweeney warned that, in common with more sophisticated IT security attacks, frauds of this nature are very difficult to stop using a traditional single line of defence.

"Companies need to rethink their strategy in the light of the increasing sophistication on the part of the fraudsters," he said.

"They should consider installing multiple layers of defence, including behavioural analysis technology which can look for abnormal patterns of hardware change or network behaviour such as those that may have been used in this attack."

Sweeney believes that behavioural analysis is "a security technology in the ascendant" for the simple reason that it acts as a safety net for all forms of IT security threats.

"Had the South African government and its agencies installed this form of security technology, they could have avoided the fraud taking place," he said.