LCR4805
Assignment 2 Semester 2 2024
Unique #:
Due Date:10 September 2024
Detailed solutions, explanations, workings
and references.
+27 81 278 3372
, QUESTION 1
Ransomware attacks, such as the one that targeted the local municipality in this
scenario, fall within the broad category of cybercrimes, which are regulated by
various statutes in South Africa. A ransomware virus typically encrypts data,
rendering it inaccessible until a ransom is paid to decrypt it. In this case, Robert,
the alleged perpetrator, can potentially face legal consequences under both the
common law (before the Cybercrimes Act 19 of 2020) and statutory law (after the
Act came into force). The South African legal framework before the Act relied
heavily on older laws such as the Electronic Communications and Transactions
Act 25 of 2002 (ECT Act) and common law crimes like extortion, while the
Cybercrimes Act 19 of 2020 specifically modernized and broadened the legal
tools available to address cybercrime.
Legal Position Before the Cybercrimes Act 19 of 2020
Before the Cybercrimes Act 19 of 2020, cybercrimes such as ransomware attacks
were addressed under various legal frameworks, including the ECT Act and
common law provisions. Let's explore how Robert's conduct would have been
prosecuted under this pre-Act framework.
1. Electronic Communications and Transactions Act 25 of 2002 (ECT Act)
The ECT Act contains provisions that address various cyber-related offenses,
including unauthorized access to data and interference with data:
• Section 86(1): This provision prohibits unauthorized access to data,
including the interception of data. Robert’s introduction of the ransomware
into the municipality’s network constitutes unauthorized access and
interception. By tricking an employee into downloading the virus, Robert
accessed data without permission, which is a violation of this section.
• Section 86(2): This section criminalizes interference with data, specifically
prohibiting actions that modify, destroy, or render data ineffective. The
ransomware attack clearly modifies the municipality’s data by encrypting it,
thus rendering it inaccessible. Robert’s actions would fall squarely within
the scope of this section.
• Section 86(3): This section addresses the creation or distribution of
devices or programs designed to overcome security measures. The
ransomware virus, as a tool that bypasses the municipality's security and
Varsity Cube 2024 +27 81 278 3372
Assignment 2 Semester 2 2024
Unique #:
Due Date:10 September 2024
Detailed solutions, explanations, workings
and references.
+27 81 278 3372
, QUESTION 1
Ransomware attacks, such as the one that targeted the local municipality in this
scenario, fall within the broad category of cybercrimes, which are regulated by
various statutes in South Africa. A ransomware virus typically encrypts data,
rendering it inaccessible until a ransom is paid to decrypt it. In this case, Robert,
the alleged perpetrator, can potentially face legal consequences under both the
common law (before the Cybercrimes Act 19 of 2020) and statutory law (after the
Act came into force). The South African legal framework before the Act relied
heavily on older laws such as the Electronic Communications and Transactions
Act 25 of 2002 (ECT Act) and common law crimes like extortion, while the
Cybercrimes Act 19 of 2020 specifically modernized and broadened the legal
tools available to address cybercrime.
Legal Position Before the Cybercrimes Act 19 of 2020
Before the Cybercrimes Act 19 of 2020, cybercrimes such as ransomware attacks
were addressed under various legal frameworks, including the ECT Act and
common law provisions. Let's explore how Robert's conduct would have been
prosecuted under this pre-Act framework.
1. Electronic Communications and Transactions Act 25 of 2002 (ECT Act)
The ECT Act contains provisions that address various cyber-related offenses,
including unauthorized access to data and interference with data:
• Section 86(1): This provision prohibits unauthorized access to data,
including the interception of data. Robert’s introduction of the ransomware
into the municipality’s network constitutes unauthorized access and
interception. By tricking an employee into downloading the virus, Robert
accessed data without permission, which is a violation of this section.
• Section 86(2): This section criminalizes interference with data, specifically
prohibiting actions that modify, destroy, or render data ineffective. The
ransomware attack clearly modifies the municipality’s data by encrypting it,
thus rendering it inaccessible. Robert’s actions would fall squarely within
the scope of this section.
• Section 86(3): This section addresses the creation or distribution of
devices or programs designed to overcome security measures. The
ransomware virus, as a tool that bypasses the municipality's security and
Varsity Cube 2024 +27 81 278 3372
