Is your RICA registration safe?

Kaspersky Lab shares thoughts on security and how to protect yourself

November 24, 2010

Kaspersky Lab shares thoughts on security and how to protect yourself

Created to combat crime, the Regulation of Interception of Communications and Provision of Communication-Related Information Act or RICA as it is commonly known makes sure that every single mobile phone and connection in South Africa can be traced to a specific person, but according to Kaspersky Lab, if not handled correctly, it can open up doors to all kinds of new types of abuse.

Says Costin Raiu, Director, Global Research and Analysis Team at Kaspersky Lab; “Internet Service Providers (ISPs) will soon own huge personal databases of personally identifiable information (PII) as RICA requires mobile operators, service providers and sellers to register the identities, physical address and cellular phone numbers of new and existing customers who purchase or have purchased SIM cards – making security a key priority.”

According to Kaspersky Lab, this is a large task for ISPs, as not only are they required to collect the PII information, which can be very difficult with people living in remote areas, but they also need to invest heavily into securing their data storage, not to mention, implement serious security procedures to make sure that the PII data is secure and protected from intruders.

Continues Raiu; “Sadly, there are documented cases where employees of phone companies have abused their access to steal such confidential data which can be later sold on the black market. However, if it is done internally, if auditing is properly implemented, access to the specific PII data can be traced to a login and to a specific person inside the company. Yet, having said that, the merits of fighting cybercrime pertain to external intruders and such security procedures are key as many criminals use proxy servers in countries such as China or Taiwan that make it hard to trace back to the author.”

“Unfortunately, mobile subscribers do not have many options here with regards to giving their personal information as it is a legal requirement, however they can take measures to protect themselves. Make sure that you do not fall victim to attacks designed to trick you into disclosing your personal information – contact your ISP directly and keep an eye on phishing attacks designed around RICA. Be wary of mail messages from unknown persons and when in doubt, always consult with your ISP first,” concludes Raiu.