Wising Up to Cyber Security
Windhoek – With the number of people who have the ability to manipulate and disrupt information on the increase, many African countries have responded by taking significant strides to prevent and reduce the incidence of cybercrime.
Cyber criminals use the cyberspace for their dubious schemes. Most of them target unsuspecting individuals, companies, banks, and military and government agencies which lead to tremendous losses in terms of money as well as personal and national security.
“Cybercrime costs global economies billions every year. These attacks, coupled with the liability claims that they may encounter, can leave local businesses in ruin if they are not properly insured against cybercrimes,” says Kerry Curtin, who is the principal broker for financial institutions and professional risks at Aon South Africa.
Africa has had its own fair share of cyber attacks, including the infamous 419 scam where people solicit “assistance” to move large sums of money – usually playing a sympathy card (eg, Sani Abacha killed my father but I am in possession of US$5 million that I want to move out of Nigeria) – and yet all they want is access to your banking details and identity documents so that they can clear you out.
With the continent hosting the third most-attacked country globally, South Africa, there is wide acknowledgement that cybercrime has to be taken seriously.
Most African countries have legislated cybercrime provisions in their legal codes and in Namibia several laws, which have already been enacted, attempt to reduce the incidence of this criminal activity.
South Africa became the first to enact cyber-bulling laws in Southern Africa while Zambia, Namibia, Angola, Zimbabwe and Botswana are following suit by implementing mobile SIM card registration as the first step in tackling cyber bullying and crimes committed via phone.
With millions of Africans accessing the Internet through mobile devices, security of cellphone use is of paramount importance to the continent.
But while some steps have been taken by several countries, a lot still has to be done to improve cyber security in Africa and indeed across the whole world.
Many cyber-criminals are said to have settled in Eastern Europe and Russia and many believe this is caused by the weak anti-cyber-crime legislation and law enforcement agencies that are ill-equipped to investigate Internet-based crimes in the said regions.
One of the reasons why rape and abuse against women is common is because in the past, the laws against such abuses were not tough enough. Just recently the laws have been made tougher as part of efforts to curb the offences.
Similarly, in crafting cyber laws, penalties should not be made light. To some extent, tougher laws have been proven to be efficient measures in reducing crimes.
Thus, it is also important to have tough and strict anti-cyber-crime legislation as part of measures to improve Internet security for all users of the Internet.
Investment in the investigation of the new forms of crime committed via the Internet has to be ensured.
Some countries now have entire police, military and intelligence departments that deal with cyber crimes. Their duty is not only to catch perpetrators, but also – and perhaps more importantly – to deter threats.
Private companies, too, have a major role to play in this. Organisations must invest in security because industrial espionage is on the rise as it has been made easier by the proliferation of Internet access across the globe.
As such, companies must work with governments and legislative bodies to boost Internet security.
While stringent Laws that focus on the criminals are appropriate in their own place, laws that make it a prerequisite for companies to put in place measures to prevent possible hackings and cyber crimes are also important.
It is a cliché, but like most clichés it is very true – prevention is better than cure!
Companies and institutions that do not comply with cyber crime prevention policies and laws must be appropriately penalised because they are putting local and national economies – and people’s jobs and lives – at risk through their negligence.
There should be strict monitoring at corporate level of what employees use the Internet at work for.
Of course, this entails a fine balance between security and the right to privacy. But it should be borne in mind that collective interests, whether we like it or not, take primacy over individual interests.
Due to economic and infrastructure-related deprivations, many African governments are ill-equipped to fight cyber crime.
So governments must decide what they would rather face: the cost of preventing crime or the cost of crime itself.
Regional bodies such as SADC should come up with harmonised cross-border mechanisms to combat cyber crime because these criminal activities are not restricted by national boundaries.
Countries can thus capacitate each other and learn from one another how best to combat and reduce cyber crime.
Already, the African Union and the UN Economic Commission for Africa have drafted a convention on cyber legislation that is awaiting the signatures of members of the continental organisation.
East African states are also working on harmonising their cyber laws and the document is expected to be finalised around September this year.
At the global level, there are talks of creating harmonised cyber security standards.
These, naturally will take a very long time to be agreed on so it is the onus of smaller groupings – such as SADC – to tackle the threats that they are facing.