ADF STAFF
About one-third of Africa’s 1.3 billion people are online these days, with millions more expected to join them as mobile and broadband technology expands rapidly across the continent. With so many new users joining the internet, financial scammers, identity thieves and other malicious actors are targeting people across the continent.
According Check Point Research, African nations experienced an average of 1,848 cyberattacks per week in 2022, a number that was higher than the rest of the world combined.
Nigeria, which has Africa’s largest number of internet users, remains an origination point and a primary target for cyberattacks, followed by South Africa and Kenya.
African leaders have begun to confront the continent’s cybersecurity challenges. In 2021, the African Cybersecurity Resource Center (ACRC) set up a continentwide cybercrime monitoring system in Lomé, Togo. Major cybersecurity conferences are scheduled for 2023 in Lagos, Nigeria; Kigali, Rwanda; and Cape Town, South Africa.
Internet use across the continent grew by 23% between 2019 and 2021, due partly to the COVID-19 pandemic, according to the International Telecommunications Union. As internet use expands, one of the continent’s long-term cybersecurity challenges is its dependence on foreign companies for hardware and software, according to researcher Moses Karanja, who studies the intersection of technology and government authority,
“The increased dependency on centralized digital ecosystems while simultaneously having reduced control over them is the top cybersecurity concern that I see for the African region,” Karanja told ADF.
A review of online threat assessments by cybersecurity experts reveals the top issues Africa’s online community is likely to face in 2023. The list includes:
Malware: Malware is a form of computer code that can cripple vital infrastructure or be used to spy on governments and corporations. The most common use might be to steal money. One group of hackers known as OPERA1OR working out of West Africa stole more than $11 million across 12 countries between 2018 and 2022. The group attacked banks across the region on weekends and holidays, using off-the-shelf equipment and malware available on the dark web.
Ransomware: A form of malware, ransomware locks down a computer or computer network until the owners pay hackers to restore access. “Across Africa, ransomware has become the cybercrime with the biggest impact on governments and businesses,” Joey Jansen van Vuuren, head of computer science at South Africa’s Tshwane University of Technology, told German news service Deutsche Welle. This year, a ransomware gang attacked Shoprite, Africa’s largest retailer. The group stole customers’ personal data in Eswatini, Namibia and Zambia, and threatened to release it unless the company paid them.
Internet of Things: The explosion of appliances, home security systems, cars and hundreds of other everyday objects connected to the internet constitutes the Internet of Things (IoT). Many of those objects come with preset, easily guessed passwords that can leave them open to hackers, who can remotely control the devices. Cybersecurity experts say there could be 25 million IoT objects online by 2025. The strongest IoT growth has been in the hospitality, health care and finance sectors.
Mobile technology: More than 70% of Africans access the internet through mobile phones. This makes mobile devices a weak spot in the continent’s ability to reduce malware attacks. Nearly half of those phones come from Chinese companies such as Huawei, which saw 10 million of its phones invaded by malware in a 2021 breach that gave hackers access to the owners’ data.
Human error: Ultimately, the biggest cybersecurity threat often is related to mistakes made by users, according to experts. Unsuspecting people can be tricked into opening innocent-looking emails (a technique known as phishing) or downloading games that release malware into their computer networks. Even the hacks by OPERA1OR began when bank employees accidently gave the hackers access to the banks’ computer systems.
While companies and governments focus on building better online security systems, they also need to build more savvy internet users, according to technology expert Bernard Marr.
Writing recently in Forbes, Marr observed: “Developing an awareness of the threats and taking basic precautions to ensure safety should be a fundamental part of everyone’s job description in 2023!”