South Africa’s telecommunications sector is staring down a cybercrime storm that is costing billions of rand every year.
As October marks Cybersecurity Awareness Month, the Communications Risk Information Centre (COMRiC) has issued a sharp warning: fraudsters are industrialising their methods, networks are being battered by relentless digital attacks, and the time for mere awareness campaigns has long passed.
According to recent industry data, fraud linked to telecoms drained an estimated R5,3-billion from the economy in 2024, with SIM-swap scams behind most mobile-banking breaches.
Losses per incident averaged R10 000, though some victims lost many times more. At the same time, South Africa was pounded by over 213 000 distributed denial-of-service (DDoS) attacks in just the first half of 2025, with peak volumes exceeding 300 gigabits per second. This places local operators firmly in the crosshairs of cybercrime syndicates that are becoming faster, cheaper, and harder to defend against.
COMRiC CEO Thokozani Mvelase says the message could not be clearer: “The economics of cybercrime are squarely aligned against our consumers and networks. SIM-swap syndicates are industrialised, and DDoS operators are weaponising cheap bandwidth.
“October cannot be a poster campaign. It must be a deadline for operators, banks, and regulators to harden defences, share intelligence, and measure progress. We cannot afford another year of rising losses and falling trust.”
The cost of cyber incidents extends far beyond direct fraud. IBM research shows the average breach in South Africa cost R53,1-million in 2024, dipping slightly this year as AI-driven detection shortened the time hackers could spend inside compromised systems.
Yet the country’s overall cyber resilience remains dangerously thin. A national survey by the CSIR found that only a third of organisations trained most of their staff in cyber awareness last year, while almost two-thirds of critical cyber roles remain vacant and fewer than half of businesses actively monitor threats daily.
For Mvelase, this lack of readiness underscores why this month must be different. “Cybercrime is a moving target,” he says. “Awareness Month should not be a tick-box exercise. It is about action. By 31 October we want to see measurable progress, because every blocked SIM-swap, every neutralised DDoS, is one less South African at risk.”