THOKOZANI MVELASE: Cybercrime is a state of emergency in SA

We are treating cyber and telecom threats as industry-specific challenges. They are not — they are national threats with national consequences

Picture: 123RF

SA is past the point of needing a National Cybersecurity Resilience Plan. What we now require is an emergency framework — a whole-of-society response mechanism that treats the collapse of digital infrastructure with the same urgency as load-shedding or a banking crisis.

The newly released Communication Risk Information Centre (COMRiC) 2025 sector report is a wake-up call wrapped in data. It documents, with forensic precision, how telecommunications crime has evolved from a nuisance to a systemic threat.

SIM swap fraud, copper cable theft, subscription scams, ransomware attacks and synthetic identities are no longer isolated incidents; they are a tightly interlinked network of crimes that now cost SA more than R5.3bn annually.

The report shows commendable progress in areas such as biometric SIM registration and AI-driven fraud detection. But it also reveals a vulnerability that is growing faster than our response capacity.

We are not fighting criminals, we are fighting criminal ecosystems. These syndicates exploit regulatory loopholes, infrastructure gaps and siloed intelligence. And while telecom operators have started to harden their defences, the threat has metastasised beyond their control.

Here’s what we’re getting wrong: we’re treating cyber and telecom threats as industry-specific challenges. They are not. They are national threats, with national consequences.

A telecom network breach doesn’t just disrupt calls — it takes down emergency services, halts digital banking, fractures supply chains and disables entire communities. And when copper cables are stolen or base stations sabotaged, it’s not just a telco problem. It’s a security risk, an economic drag and a public safety failure.

That’s why SA needs to move beyond policy proposals and towards a cyber emergency framework that is binding, agile and resourced.

The COMRiC report suggests the establishment of a sector-wide Computer Security Incident Response Team, modelled on global best practice. It’s a good start, but it will fall short unless it’s hard-wired into a broader state-led, business-enabled structure that has enforcement teeth and crisis command capabilities.

We can take our cue from how the financial sector responded to escalating cybercrime: co-ordinated protocols, regulatory harmonisation, joint intelligence platforms and rapid response drills. Why is telecommunications, which underpins every other industry, still battling for that level of structural commitment?

It’s not for lack of evidence. According to the report, SIM swaps account for nearly 60% of mobile banking breaches in SA. Between March 2024 and April 2025 network operators processed 3,600 SIM swap requests — a small number but with significant risk concentration.

Even more alarming, 62% of extortion cases are now tied to pre-RICA’d SIM cards, which remain a gaping hole in the country’s regulatory net. Fraudsters are no longer hacking — they’re exploiting weak compliance faster than our systems can react.

What’s worse, the response has been fragmented. Enforcement is patchy. The legal system struggles to convert arrests into convictions. Infrastructure sabotage continues to rise — aided by insider collusion, according to the data — and the financial toll is staggering. Battery theft, for instance, costs operators R250m-R350m annually, while the broader security bill for the industry exceeds R1.2bn.

Yet despite these numbers our legislative frameworks — particularly the Regulation of Interception of Communications Act (Rica) — remain out of sync with the digital realities. Over-the-top platforms such as WhatsApp, which bypass SIM registration altogether, continue to operate with minimal oversight. This makes lawful surveillance harder, frustrates criminal investigations and undermines digital trust.

The report’s most compelling contribution is not in its diagnosis — grim as it is — but in its prescription. It advocates for cross-sector intelligence sharing, regulatory modernisation and deeper civil society involvement. It promotes data-driven vigilance, business continuity mapping and community-based tower protection programmes.

But here’s what’s missing: enforcement authority. Voluntary collaboration can only go so far. What’s required is a formalised, nationally mandated response structure — one that draws in the presidency, security clusters, financial institutions, telcos and civil society under a single cyber risk governance charter.

Other countries have moved swiftly. Ghana’s crackdown on SIM box fraud, for instance, saw an 80% reduction thanks to a co-ordinated regulatory and enforcement push. Tanzania and Uzbekistan have reported similar success. SA should not be trailing this pack — we should be leading it.

The COMRiC report frames the issue as one of national resilience. But it must now be followed by action — and that starts with a political commitment at the highest level. Telecommunications crime must be elevated to a national strategic risk, with the same priority as grid failure or public health crises.

This is about catching up to reality. Our digital infrastructure is now too critical to be defended piecemeal. We have the data. We have the road map. What we don’t have — yet — is urgency. Let’s not wait for a catastrophic breach to realise that cybercrime is already a state of emergency. SA must declare it as such — and respond accordingly.

• Mvelase is CEO of the Communications Risk Information Centre.
