West Africa is a gold field for cyber criminals – Report

20 Jul

West Africa’s finance sector most vulnerable to cyber attack, says new report (Photo Credit: Mantle Thought)

By Modou S. Joof

Cybercriminals are starting to wake up to the fact that West Africa is a gold field with wide open systems, a new cybersecurity report says.

All four Anglophone-West African countries had one attack trend in common: The hacking of electoral systems and government websites, the report by 3T Solutions Consulting, a global cybersecurity and technology organization says.

The 2017 West Africa Cybersecurity Indexing and Readiness Assessment is a regional report on cybersecurity ranking, readiness, vulnerabilities and mitigating measures to improve awareness.

From Gambia, to Ghana, Liberia and Nigeria, hackers successfully shut down government websites, access to the internet and websites run by electoral bodies between 2015 and 2017. The banking sector and United Nations agencies have also been targeted.

Finance sector most vulnerable

“Available information from all four countries put the banking and finance sector as the most vulnerable to cyber attacks,” the report reveals. The consequences are costly. For instance, Nigeria alone loses 127 billion Naira annually to cybercrime.

“More than 60% of those surveyed within the banking and financial institutions have been victims or have known victims of cyber-crime in the last 12 months,” the report says.

According to the Daily Post newspaper, in 2015, the Information Security Society of Nigeria (ISSAN) revealed that 25% of the cybercrimes in Nigeria are unresolved and that 7.5% of the world’s hackers are Nigerians.

However, West Africa’s banks and financial intuitions is not the only sector that faces the threat of cyber attacks and crimes; the telecommunication industry also faces threats.

The report, released in July, reveals that network bypass theft and other incidents of cyber intrusion continue to plague the telecommunication industry in all four countries surveyed, even as they look forward to invest in new technologies to boost their security and infrastructure.

Growing threat

More than half of the telecommunications companies in the four countries had no budget set aside for security, but telecommunication operators believed they were losing revenue of about 20% due to illegal system access.

While the attack vectors in West Africa have been escalating, they are not up to the level of what is happening in developed countries, the report says. Nonetheless, the increase in internet users means that the threat is equally growing. The Gambia registered 373, 865 internet users in March 2017.

3T Solutions Consulting says 70 percent of private and public organizations polled in the survey and analysis in the countries involved had little or no idea about the reality of cybercrime.

The sub-region’s the telecommunication industry also faces threats of cyber attack, the report says (Photo Credit: CIOS)

Technology advancement has been unstoppable and in most cases, changing very rapidly in the last three decades, it says. “Gambia and Liberia’s organizational procedures and processes have lagged behind in developing organization measures to counter cyber threats.”

And the lack of cohesive legislative and regulatory frameworks regarding cybersecurity in West Africa compounds the threat of creeping cybercrimes. For example, Gambia [only] made its first attempt at putting in place a cybersecurity strategy in 2015.

“In spite of the growth in technology adoption and internet penetration, the development and enforcement of cybersecurity legislation among the four participating countries in our research has been relatively stagnant,” according to 3T Solutions Consulting.

Failed to prepare against obvious dangers

While Ghana’s legal infrastructure was able to put in place legal structures to combat cyber-criminal activities, in Liberia, the legal system is almost nonexistent. However, the government in Monrovia passed two Supplementary Acts in February 2010: “Electronic Transactions and Data Protection” and “Directive on Cybercrime”.

Nigeria too passed the Cybercrimes Act 2015 that deals specifically with cybercrime, and The Gambia established its Information and Communications Act in 2009 with substantive criminal law provisions.

The Cyber-Security Experts Association of Nigeria (CSEAN) has warned that with the level of vulnerability of the country to cyber attacks, financial institutions bear the highest risk and exposure.

The 2017 West Africa Cybersecurity Indexing and Readiness Assessment report quoted the president of the Association, Remi Afon, as saying: “Corporate organizations and government establishments have failed to prepare against obvious dangers of cyber threats posed by increasing sophistication in cyber crookery.

“Cyber attacks were becoming more sophisticated, stressing the need to build resilient cyber defense mechanism for the country.”

The authors of the report warn it is difficult to create normal rules for cyber crime, and that the vulnerabilities will increase with the acceleration of technology (Photo Credit: 3T Solutions Consulting).

Continuing offensive approach

The authors of the report list a series of recommendations of what they say are “best practice for developing a national cybersecurity strategy”. They note that the threat of cyber attacks within countries in West Africa will not be curbed without specific and targeted efforts by the countries in the sub-region.

They recommend that the countries should develop a resilient national infrastructure, create a safe cyber space for the country, nurture a vibrant cyber security ecosystem, and build strong international partnerships.

But they warn that cyber attacks do not reside in a particular boundary, hence the difficulty in creating normal rules for them, and the vulnerabilities will increase with the acceleration of technology.

“Efforts in fighting against cyber issues should be a continuing offensive approach. Equally in this effort should be a good defensive approach by the countries,” the authors warn.

“The current cyber threat landscape in West Africa shows users are being impacted both by threats that are trending globally as well as some that more specific to the sub region.”

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: