Joining hands against cybercrime in Africa

Concerned over rising threats online, Cyber security agents in Africa are taking a proactive step by collaborating with global network-security experts, to curb cybercriminal activities in the continent where they will share information and technical know how. Cyber security agents in Africa will gain an even better view of emerging cyber threats by working with experts who are mainly drawn from European countries and US. The partnership will also address the shortage of cyber security specialists in the fast growing continent of Africa, through joint seminars and discussions that will involve management teams in companies and other organizations.

The tie-up will further strengthen technical capabilities to identify and respond to cyber attacks more quickly in Africa according to an insider I spoke to this past week. In 2011, the cyber security study in Africa found that the continent received a total of 18,607 cyber security incident reports which is a significant leap from the 564 received at the turn of new millennium and the trend is showing that the number of cyber threats will increase further. In the first quarter of 2012, 8,903 cyber security incidents have already been reported in Africa and of those, 4,501 were related to fraud that included 2,304 phishing attacks that targeted African banks.

In Africa, financial crimes are increasing as an overall proportion of data breaches which are not the same hacktivism and cyber espionage that are rare in the continent. Data breaches at large organizations in Africa tend to be common with criminals who are targeting trade secrets as a means of boosting the competitiveness of indigenous industries as has been reported in various cases in Zambia, Uganda, Tanzania and South Africa while industrial secrets thievery has been reported in Kenya, Namibia and Nigeria as well as Ethiopia where recurrence of types of crimes such as data breaches, DDOS are very common.

In our evaluation, there is very little technical innovation by cyber criminals in Africa. In cases I have come across, very rarely can anyone see anything that’s very interesting or unique. In fact all cases are carbon copies of what amateurs do in western countries and it’s the same old stuff over and over again. In fact, in Africa cyber crimes are actually becoming less sophisticated, because potential cyber crooks were taking advantage of tools and techniques readily available for download on the Internet and any expert can easily thwart them. Mostly, the end users and their log on credentials are particularly targeted because of their vulnerability and attacks came from remote access regimes.

We must consider that the scenario is extremely volatile, there is the concrete risks that cybercrime will adopt even more sophisticated techniques already proposed in Europe and US to realize cyber frauds, with a relevant differences, most of OSs in the continent are outdated and in many cases are illegal copy.

Lack of proper security defenses could expose infrastructures to concrete risks of attacks with serious impact.

When we think to cybercrime we have to consider different way to monetize illegal activities such as the realization of computer frauds, the actual landscape open the doors to the establishment of criminal services that cyber criminals sells in the underground market exactly in the same way it happen for Russian context.

It’s is easy to predict the rapid growth of the sales of  services such as botnet renting, DDoS attacks services and malware customization. The African hacking underground is considered one of the most interesting; according to researchers of Kaspersky Lab, Egypt is one of the primary users and designers for cyber espionage malware.

When we think to Africa we must free our mind from preconception, the cyberspace has no boundaries and soon cybercriminals will be able to setup services not different from the ones proposed in other parts of the world.

Statistics reveal that that cybercrime is growing at a faster rate in Africa than it is in other continents, analyzing the estimated yearly cost of cybercrime for the principal economies of the continent it is possible to observe that countries such as Kenya suffer a serious impact comparable to the US one.

 

 

The popularity of social networks that is sweeping across the continent and the availability of affordable Internet enabled mobile devices coupled with the rise in e-commerce are fuelling the increase in threats to business security in Africa. The collaboration will provide round-the-clock threat monitoring, as well regional support. Cyber security organizations in Africa still lack adequate staff and this new team will also work to develop local IT security expertise, as well as offer real-time online threat intelligence services to the public and private sectors which are the most affected especially the banking and financial sector.

Contador Harrison & Pierluigi Paganini