This study shows that cyber crime is a recent addition to the list of crimes that can adversely affec tbusinesses directly or indirectly. This phenomenon was not directly prosecutable in South Africa until the enactment of the ECT Act in July 2002. However this Act also prevents businesses to fully prosecute a hacker due to incompleteness. Any kind of commercially related crime can be duplicated as cyber crime. Therefore very little research appears or has been documented about cyber crime in South African companies before 2003. The motivation to do this study was that businesses often loose millions in cyber attacks, not necessarily through direct theft but by the loss of service and damage to the image of the company. Most of the companies that were approached for interviews on cyber crime were reluctant to share the fact that they were hacked or that cyber crime occurred at their company as it violates their security policies and may expose their fragile security platforms. The purpose of this study was to attempt to get an overall view on how South African businesses are affected by cyber crime in the banking and short term insurance sector of the South African industry and also to determine what legislation exist in this country to protect them. The case study approach was used to determine the affect of cyber crime on businesses like banks and insurance companies and higher education institutions. Each case was interviewed, monitored and was observed over a period of a year. This study discloses the evaluation of the results of how cyber crime affected the cases, which were part of this study. The banks and higher education institutions felt that they were at an increased risk both externally and internally, which is likely to increase as the migration towards electronic commerce occurs. The insurance industry felt that they are not yet affected by external cyber crime attacks in this country.
Recommend using Internet Explorer for access to publisher's version