By Advocate Thokozani Mvelase, CEO of COMRiC
If we do not act decisively to protect our communications infrastructure, we will lose more than just data. We will lose trust, stability, and control. This is not a future scenario imagined by cybersecurity consultants or technologists. It is a present and growing threat playing out in real time across the networks, platforms, and systems we depend on every day.
The consequences of inaction will be brutal: economic sabotage, reputational damage, widespread disruption, and the erosion of public confidence in the very institutions tasked with keeping us safe.
The scale and sophistication of attacks on South Africa’s communications sector has accelerated dramatically. Once considered the preserve of isolated hackers, cybercrime has now become organised, systemic, and deeply integrated with physical infrastructure threats. Ransomware syndicates are locking up data and demanding millions. Fibre cables are being dug up and sold for copper. Cellphone towers are being vandalised. Criminal networks are hijacking our systems, and what’s worse, they are getting better at it by the day.
Amid this chaos is SIM box fraud, a particularly insidious tactic where international calls are illegally rerouted through local SIM cards, bypassing international termination fees. While this may sound technical or obscure, the implications are far-reaching. It drains revenue from operators, degrades service for users, and more alarmingly, creates a backdoor for broader criminal activity such as identity theft, call spoofing, and bank fraud. This form of attack is becoming harder to detect, more lucrative for criminals, and devastating in its broader consequences.
We cannot afford to treat these issues as siloed operational problems. They are systemic risks that cut across sectors and borders. The notion that fraud and infrastructure sabotage are merely “telecoms issues” is dangerously outdated. What is under attack is the digital nervous system of the country. What’s at stake is the integrity of our financial systems, the stability of our public services, and the resilience of our economy. Fraudsters are no longer operating on the fringes they are now targeting the core.
As we embrace artificial intelligence, expand cloud computing, and deepen our digital connectivity, we also expose ourselves to new vulnerabilities. AI tools, if not properly governed, can be hijacked to generate deepfake voices, automated scams, and hyper-targeted phishing campaigns. The very technologies designed to advance progress are being weaponised. Without ethical guardrails, shared accountability, and hard regulatory enforcement, we risk turning opportunity into threat.
The issue is not just about how much money we spend on cybersecurity, although investment clearly matters. South Africa’s cybersecurity budget is projected to more than double by 2030 a welcome development. But spending alone is not a strategy. The more urgent problem is coordination. We have world-class experts and some cutting-edge technology, but we are still failing to detect and respond to attacks in real time because we are working in silos. Everyone is protecting their own turf, their own systems, their own data and in doing so, we leave the door wide open to attackers who thrive on our fragmentation.
We need a united front. A coordinated, sector-wide framework for cyber resilience. Telecommunications companies, ISPs, broadcasters, banks, regulators – everyone in the communications value chain must be part of a shared intelligence and response model. We need to speak with one voice when it comes to threat identification, consumer protection, and infrastructure defence. It is not enough for one company or one agency to respond well. We either all step up or we all fall short.
This is why the Communications Risk Information Centre (COMRiC) is calling for a national call to action to embed cybersecurity and resilience into the design of our networks, not just as an afterthought. We must establish enforceable standards for AI oversight. We must crack down harder on SIM swap and identity fraud. We must build a new pipeline of local cybersecurity talent equipped to meet the threats of tomorrow. And we must place leadership at the centre of this response not just technical expertise but ethical, accountable leadership from the boardroom to the policymaking table.
South Africa has the capacity to lead on this issue. We have the skills, the infrastructure, and the moral responsibility to set the pace for the continent. But we are running out of time to get it right. Trust is not an infinite resource. Once lost through a major breach, a systemic failure, or a collapse in service it is incredibly difficult to restore. Trust must be designed, protected, and renewed every day through visible action and shared responsibility.
I believe we can protect the systems that protect us. But that begins with urgency. It begins with an honest assessment of the risks we face. And it begins with each of us in industry, in government, in civil society stepping up with a shared sense of purpose. We do not need to wait for the next national blackout or major data heist to realise how fragile our systems have become. The warning signs are already here. The question is whether we are ready to respond together, decisively, and now.
The views expressed in this article belong solely to the author and do not represent The Fast Mode. While information provided in this post is obtained from sources believed by The Fast Mode to be reliable, The Fast Mode is not liable for any losses or damages arising from any information limitations, changes, inaccuracies, misrepresentations, omissions or errors contained therein. The heading is for ease of reference and shall not be deemed to influence the information presented.
