LARS GUMEDE: AI-powered hackers loom large for SA

There is a dramatic shift in the cyberthreat landscape brought about by artificial intelligence (AI) — cybercriminals no longer need elite skills to launch sophisticated attacks. AI is transforming hacking from a niche skill into a point-and-click threat. 

For SA — already one of the world’s most targeted cybercrime hotspots — this evolution demands urgent action.

In January, Cell C was hacked and held to ransom by hackers threatening to leak sensitive customer records. Public works & infrastructure minister Dean Macpherson revealed that cybercriminals have siphoned R300m from the department in 10 years.

More recently, parliament’s social media accounts were hacked and used to promote a scam cryptocurrency project in a classic pump-and-dump scheme. But we must be prepared for something much worse. 

In February 2024 an employee of the British multinational Arup in Hong Kong transferred $25m (R450m) to fraudsters after a video call with what appeared to be their CFO and colleagues. Everyone on the call was a deepfake.

The attackers used voice-cloning tools to replicate the CFO’s British accent and speech patterns, and the deepfake video avatars nodded and responded to questions in real time — leaving no doubt of legitimacy in the mind of the target employee. The money was funnelled through cryptocurrency mixers and offshore shell companies and has not been recovered.

Such attacks are coming to SA, which is particularly vulnerable. According to Interpol, SA suffers the third-highest number of cybercrime victims globally, costing the economy more than R2.2bn annually. The country suffers more than 500 cyberattacks per hour. The attacks are of every form: malware, phishing, DDOS, ransomware and AI-driven fraud schemes.

In January, the Financial Sector Conduct Authority (FSCA) warned of an investment scam that used deepfakes of SA businessman Patrice Motsepe and others. Such AI-enabled scams have become prevalent, with local businesses reporting a rise in attacks involving deepfake technology and automated social engineering. 

Despite these risks, cybersecurity budgets remain low, and public awareness is minimal. For example, in a global survey 80% of IT leaders said they were “confident” they would not fall for a phishing attack, though 64% had clicked on a phishing link. The SA Banking Risk Information Centre found that 62% of citizens cannot identify phishing messages. 

AI’s dark side — democratising destruction 

AI is fast transforming hacking from an obscure skill into a ready-made point-and-click threat. Take deepfakes and audio cloning: in 2023 an American mother nearly paid a ransom after receiving a call from an AI-cloned voice of her “kidnapped” daughter.

In SA, similar tools could allow scammers to clone the voice of a family member or CEO to demand urgent payments. Platforms such as ElevenLabs can create a full audio avatar of a person from just a 30-second clip of them speaking, for free!

Meanwhile, AI-enhanced phishing campaigns are leveraging platforms such as WormGPT, a dark web variant of ChatGPT, to generate flawless, personalised emails. Imagine a fake “HR bonus notification” written in fluent English, Zulu or Afrikaans, mimicking a colleague’s writing style.

Even malware is evolving. In 2023 researchers discovered BlackMamba, a programme that uses generative AI to rewrite its code in real time, evading detection. These tools are not only advanced, but also shockingly accessible. A 2024 report by cybersecurity firm Trend Micro warned that AI-as-a-service platforms on the dark web now let anyone launch nation-state-level attacks for less than $100 (R1,800). 

Transforming cyberdefences 

If attackers use AI, defenders must too. However, this battle is not just about technology — it’s about collective vigilance. Individuals must adopt a mindset of scepticism. Assume nothing is real: verify unusual requests, such as money transfers. Learning to spot the signs of deepfakes is equally critical. Look for unnatural blinking, mismatched lip-syncing, or robotic voice tones. Additionally, locking down personal data is essential. Avoid sharing voice clips or videos on social media, as these can be harvested to train AI cloning tools. 

Organisations must urgently integrate AI-driven defences into their cybersecurity strategies. To counter deepfake risks, companies should implement strict verification protocols for transactions. Equally critical is regular training: simulate attacks such as AI-cloned voice calls from “executives” directing urgent payments or deepfake videos of public figures endorsing fake investment schemes. 

Government must take a proactive approach like Australia, which set up a cyberthreat task force (comprising 100 top cyber experts) to “hack the hackers”. Laws are also needed, such as criminalising deepfake creation without consent, similar to the EU’s AI Act. Public awareness campaigns, modelled on initiatives such as Singapore’s “Better Cyber Safe Than Sorry”, are necessary to teach citizens to recognise AI-driven scams.

Building skills for the future 

SA could take a cue from Singapore, which has a general AI literacy programme called “AI Singapore” — a multipartner programme that provides learning materials, research grants, prized competitions and an engaged tech-community in one online portal that allows all to actively participate in the AI revolution. 

SA’s ability to counter AI-driven threats necessitates fostering broad digital and cyberliteracy at every level of society. Citizens must understand how AI scams work, how to spot deepfakes, and why sharing voice clips online is risky.

To achieve this, SA should look to models such as China, where AI and cybersecurity fundamentals are integrated into school science, technology, engineering & maths (Stem) curriculums from primary grades. China’s “cybersecurity education weeks” in rural areas offer another blueprint, blending Stem principles with practical skills such as secure password management. 

The Hong Kong deepfake heist could easily happen here. AI has erased the gap between petty cybercriminals and nation-state hackers — and SA’s existing vulnerabilities make it a prime target. The solution requires more than firewalls; it demands a shift in how we perceive threats. From individuals questioning every unusual request to governments enacting robust laws and cyber defence systems, every layer of society must adapt. 

Gumede, founder of Axel Technologies, is author of ‘AI Works for You: Success Secrets & the Future of Humanity from the World’s Most Advanced AI’ .