South Africa’s communications systems are facing a growing threat that can no longer be ignored. As the country becomes more connected, with over 44 million people now online, the infrastructure that underpins our digital lives is increasingly being targeted by criminals.
From SIM swap syndicates to ransomware gangs, cyberattacks have become more frequent, more sophisticated, and more disruptive. What’s at risk is not just data, but the very trust that keeps the country’s digital economy functioning.
Recent figures reveal that four out of five South African organisations were hit by ransomware last year – up sharply from just over half the year before. Criminals are exploiting weaknesses in everything from cloud platforms to AI algorithms. At the same time, telecom infrastructure is being physically sabotaged, with fibre cables cut and cellphone towers vandalised for copper and batteries. The lines between cybercrime and organised crime have blurred, and the cost of inaction is rising by the day.
One example is SIM box fraud, where international calls are illegally rerouted through local SIM cards to disguise them as local calls. This allows fraudsters to bypass international termination fees causing significant financial losses for telecom operators and degrading network quality. Globally and here in South Africa, this type of exploitation is becoming harder to detect and is increasingly being used to facilitate broader scams, including identity fraud and call spoofing. It represents yet another attack vector in an already overstretched threat landscape.
For Thokozani Mvelase, CEO of the Communications Risk Information Centre (COMRiC), the message is clear: the country’s communications sector cannot afford to be reactive any longer. “We’ve allowed fraud to be treated as a telecom issue for far too long,” Mvelase says. “It’s not. It’s a systemic risk that threatens financial stability, trust in communications, and our wider economic resilience. Fraudsters are innovating faster than we’re collaborating. That must change.”
According to Mvelase, what’s needed now is a complete shift in mindset. Cybersecurity can no longer be treated as a siloed IT function or a compliance box to be ticked. It must be designed into the heart of communications systems from how networks are built to how data is managed, to how AI is deployed. He warns that as South Africa embraces artificial intelligence and more consolidated digital platforms, it also opens itself up to new kinds of attacks from deepfake audio scams to AI-generated phishing campaigns. Without ethical guardrails and shared accountability, the very technologies meant to advance the industry could end up undermining it.
While cybersecurity spending in South Africa is rising projected to more than double by 2030 it’s still not enough to match the scale of the threat. And more worryingly, many companies still don’t have the capacity to detect or respond to sophisticated attacks in real time. Mvelase argues that what’s missing is not just budget, but coordination. “We need a united front,” he says. “Telcos, ISPs, broadcasters, regulators, banks everyone in the communications chain must share intelligence, respond to threats together, and speak with one voice when it comes to protecting consumers.”
At the heart of COMRiC’s push is a national call to action: to build a shared framework for cyber-resilience in the communications sector. This would involve setting common standards for AI oversight, cracking down harder on SIM swap and ID fraud, and investing in the development of local cybersecurity skills. But it also requires leadership from boardrooms, from government, and from the industry bodies that shape policy and practice.
South Africa has the innovation capacity, the technical expertise, and the moral responsibility to lead the continent in safe, ethical, and resilient communications. But that will only happen if trust is made a strategic priority not after the next breach, but now. As Mvelase puts it: “We need to protect the systems that protect us. That starts with responsibility, with urgency, and with everyone stepping up.”
