Cyber security landscape in Africa

Let me present you a very interesting study on cyber security landscape in Africa, conducted by IDG Connect, division of International Data Group (IDG), to which I gave my humble contribution.

According the Economist data related to the first decade of this millennium shows that six of the world’s fastest growing economies were in sub-Saharan Africa. The entire African continent is profoundly changing pushed by a rapid adoption of new technologies, according HSBC within 2050 different African countries will be part of top 50 world economies, let’s think to Egypt, Nigeria, Kenya and South Africa.

The businesses are intensifying their activities in the continent, Africa is on the up, but we must also consider that a so rapid growth could create favorable conditions for the development of cybercrime.

The number of malware, cyber frauds and cyber attacks is growing in Africa in meaningful way. Malware infections in Africa are higher than the worldwide average according to Microsoft’s Security Intelligence Report for the second half of 2011 with peak values in Egypt.  Very interesting the data provided by a BSA’s 2011 study on software piracy, the average in the region is around 73% data that could justify also high level of penetration of malware agents in the region.

In a similar scenario is fundamental the introduction of cyber security regulations recognized in the entire continent, consider that many African countries still lack of a proper legislation in the matter. Fundamental is the cooperation between the states and the establishment in each countries of a Computer Emergency Response Teams (CERT).

The Report presents interesting spotlights on the principal economies:

1. Egypt
2. South Africa
3. Kenya
4. Nigeria

Egypt

The IT evolution of the country has been seriously impacted by the recent political events, the county has one of the primary economies of the continent but last year’s the situation is deteriorated. The Egypt  has a good mobile infrastructure, mobile penetration stands at 112%, over 90 million people,  while country has 30 million users, of whom around 22% make use of E-commerce for its shopping.

According to BSA’s levels of pirated software stands at 60% for a total value of $172m, a worrying data that government desires to reduce by 10% in four years.

The main “cyber problem” of the Egypt seems to be the cybercrime, in 2010 the country was named by Kaspersky Labs as one of the top sources of password-stealing Trojans, and the year before, Egyptian hackers were involved in one of the world’s largest cyber-crime criminal court cases.

Websense security firm has recently confirmed Egypt as third for countries hosting phishing fraud. For completeness we must also consider the cyber warfare context, African countries have suffered state-sponsored attacks such as the recent Flame campaign that attacked nations such as Egypt and Sudan.

 

 

Kenya

Kenya is fast becoming a major player in the IT sector driving East Africa economy growth, despite the impressive improvement under technologic perspective the country is extremely vulnerable to cyber attacks. Mobile sector is the one most exposed to incoming cyber threats, more over 17 million people on the Internet, 6 million of which are mobile internet users and that figures are increasing. According Kaspersky Lab experts 20% of computers being used in Kenya are vulnerable to malware and the number is rapidly rising. The large exposure to cyber threats is mainly related to the absence of patch management of the systems and to the presence of older OS versions.

Several studies demonstrated that the level of negligence and ignorance in IT sector represents a serious threat for the country. The impact of cybercrime on the country is serious, forensic experts are claiming cyber-crime poses the biggest challenge to organisations and the police, and already costs Kenya almost Sh3 billion ($36 million) every year.

Governments and private business are largely investing in training, the training market is expanding significantly, many companies starting to offer hacking forensic courses to government agencies and private businesses.

Kenya last year set up its Computer Incident Response Team (CIRT) to promote security, issue warnings and respond in efficiency way to cyber threats!

To prevent cyber crime the government also established the monitoring of communications managed by the Communication Commission of Kenya (CCK), citizens are scared by Big Brother, by a possible censorship,  despite institutions declared its use for detection and prevention of cybercrime incidents:

 “It is a passive system and not a tool for spying on users. The system cannot be used to block access to the internet at all.”

The African IT scenario is deeply and rapid changing, but we have to consider great differences in the development of various economies. I believe that this isn’t a problem, the main concern in my opinion is an uniform development of cyber security culture in the overall continent. Richest economies in Africa must consider and support the development of the poorest, only in this way the world will face with a Great Africa!  In the same way, countries all over the world must consider the African continent a resource to cultivate and to help in the growth …. cyberspace has no boundaries!

It will have no sense in the  next decade to have a rich Egypt in a poor Africa o or worse to have a poor Africa in a rich world … we live in the era of global economy!

Pierluigi Paganini