Cyber risks and trends in Africa
Cyber crime statistics show Africa is at risk and the growth in Internet use is increasing that risk exponentially.
So said Yusuph Kileo, a cyber security and digital forensics expert from Tanzania, who spoke about "Pan African security initiatives - how to interface with initiatives on the continent", during ITWeb Security Summit 2015, in Midrand.
He said there are four major questions that need to be asked. "How vulnerable is our cyber space to attacks? How much in Africa is connected to cyber space? What are the consequences of cyber crime in Africa? How many cyber criminals and groups do we have on the continent?"
Africa faces several problems, Kileo said: "Piracy in Somalia, Al Shabab, Boko Haram, Nigerian organised crime, Cape Verdian and similar. In addition, more than 63% of people in Africa have mobile phones, and more than 16% have Internet access. We have imported technology, loopholes in current technologies, development of malicious software, and similar." He added: "There is much critical infrastructure, financial assets and other services that depend on IT."
Tanzania, he said, is fairly well developed. "The country has moved from analogue to digital; there have been big investments in fibre-optics, making sure the country is well connected with over 70% coverage of fibre in the country. We also have 28.6 million mobile subscribers."
Although Tanzania has been described as low-risk, it is bordered by high-risk countries such as Kenya and Congo. "In 2012, we saw around 999 cyber crime cases. They were very hard to prosecute as there was a lack of legal framework to deal with crimes of this nature."
In addition, noted Kileo, ATM fraud is vast, costing the country a great deal of money, and the country also experiences the theft of information, stalking, piracy, identity theft, drugs and human trafficking.
Tanzania currently has no cyber security policy in place, Kileo said, but the country has recently tabled the Cyber Crime Act 2015 Bill, which focuses on protecting its citizens from cyber crime. This is a big step forward, he added.
Looking ahead, Kileo said laws themselves are not enough, and three things are needed: "Firstly, intensive awareness programmes, which we plan to implement. Secondly, more collaboration between government and the private sector; and finally, commitment to run intensive capacity-building programmes by policymakers, law enforcement agencies and regulatory agencies."