In November the Western Cape High Court found, on the evidence, that the person who had paid money into the wrong bank account because of responding to a false email bore the loss of R866,726.25. The judgment is based on the law that the debtor bears the risk in making a payment to ensure that
Cybercrime
Cybercrime held to be a social engineering loss not computer fraud under policy
Cybercrime held to be a social engineering loss not computer fraud under policy
The insured was defrauded when a bad actor tricked the company CEO into wiring nearly $600 000 into the bad actor’s bank account. It was held that the loss was covered under the social-engineering-fraud cover with a limit of $100 000 and…
Holder of trust money is liable for paying incorrect party
A firm of attorneys involved in a property transaction paid R1 744 599.45 into the bank account of a hacker in response to emailed instructions. It was held that the attorneys were liable to the true client to pay this amount for failing to perform their mandate in regard to the trust money with sufficient…
Comment on the Cybercrimes and Cybersecurity Bill extended to 10 August 2017
A revised draft of the Cybercrimes and Cybersecurity Bill was tabled in Parliament in February 2017. See our previous post on the major changes to the original draft published for public comment in August 2015.
At the beginning of July 2017, the portfolio committee on justice and correctional services called for public comments on the…
Petya or NotPetya – under POPI you must report
Barely recovering from the WannaCry ransomware attack, many across the globe now have to deal with the latest ransomware attack, NotPetya. Originally thought of to be the Petya ransomware for making money, security analysts quickly realised that the current cyber-attack was not designed to make money. It appears that NotPetya has actually just been designed…
Cover for cyber breaches under general liability policies
If insurers don’t want to cover cyber liability under a general liability policy they’d better check their wordings and introduce exclusions if necessary.
Whether or not cyber breaches are covered under the “personal and advertising injury” section of commercial general liability policies depends on the circumstances of each case. I discuss two cases which illustrate…
Cyber threats, exposures and insurance
One of the main concerns for South African businesses is dealing with cyber threats. While loss or harm caused by cyber incidents is not entirely new, these incidents have become more common in recent years due to the rapid advances in technology and the changes in many business models. By way of an example, machines…
Cybercrimes and Cybersecurity Bill introduces Cyberlaundering – with far reaching implications
Commendably, South Africa’s new Cybercrimes and Cybersecurity Bill proposes that we take a bold step ahead of contemporary laws across Africa and beyond. Pertinently, clause 19(1) of the Bill proscribes the novel concept of cyberlaundering.
Cyberlaundering is the use of a computer to perform or assist an unlawful financial transaction or a relationship involving property…
New structures to fight cybercrime
Cybercrime happens at the speed of broadband with criminals able to easily move the tools of their activities from one location to another. Successfully combatting cybercrime therefore requires real time detection and investigation, often by different agencies in different countries.
Cybercrime has exploded internationally in the past several years in tandem with the surge of…
Can you be traced through your internet activity?
Each device which accesses the internet is allocated a unique number (Internet Protocol or IP address) by its internet service provider (ISP). A record is created each time this IP address accesses a webpage, including the date, time and URL (website address) accessed. These records are stored by the ISP.
ISPs are prohibited from providing…