ADF STAFF
The rapid growth of internet use across West Africa is prompting calls for the region to cooperate on cybersecurity. A joint approach can protect private citizens, business, government institutions and critical infrastructure from online attacks, according to cybersecurity expert Folake Olagunju.
“It has to be a whole society approach,” Olagunju said during a podcast interview with the EU International Partners Academy. Olagunju is the program officer for internet and cybersecurity at ECOWAS, the Economic Community of West African States.
Since 2019, internet use across West Africa has grown by about 25%. That growth has been unevenly distributed across the region, with a high of 62% of Cabo Verdean residents online to a low of 14.5% of Nigeriens.
With more than 109 million citizens online, Nigeria has the continent’s largest number of internet users, which has made it the continent’s leading target for cyberattacks such as phishing and ransomware.
Cybercriminals use phishing to gain access to computer systems by sending legitimate-looking emails that contain software designed to invade their computer network or to steal personal data. In ransomware attacks, hackers invade companies, such as banks, and lock out users until the victims pay a ransom.
Continentwide, Africans experienced 10.7 million phishing attacks in the second quarter of 2022, according to industry data.
Nigerian cybersecurity expert Abdul-Hakeem Ajijola, head of the Strategic Road Map Action Plan Committee of the Nigeria Data Protection Bureau, said African countries have put more emphasis on getting people and companies online than they have protecting those users from theft, scams and other cyberattacks.
A 2021 Interpol investigation of Africa’s cybersecurity found that weak networks and poor security made the continent particularly vulnerable.
With the focus on providing access, most often through mobile devices, Africa’s strategic decision-makers see cybersecurity as not an African problem to solve, Ajijola told ADF in an email.
That is starting to change.
Through its Organized Crime: West African Response on Cybersecurity and fight against Cybercrime program, ECOWAS has trained law enforcement officials across West Africa in methods to confront cybercriminals and gather evidence to help prosecute them.
More must be done, however, according to Olagunju.
Countries across West Africa need to update their regulations regarding cybersecurity, work with the private sector as they do so and share what they’re learning about cyberattacks, she said.
“Governments and laws tend to react slower than the private sector,” Olagunju told the EU podcast. “Our regulations may not necessarily align with the technology changes we’re experiencing now. We need to be more responsive and iterative.”
Governments must find the political will to put cybersecurity at the top of their national policy agendas, she added.
To that end, ECOWAS is helping member states modernize their telecommunications sectors, including the regulations that make them work. Those regulations need to be more than words on paper if they’re going to make systems more resilient and robust to attacks, Olagunju said.
Part of the ECOWAS plan is to make sure West African countries are working along similar lines as they develop their cybersecurity plans so they can share information and build trust among themselves.
Olagunju suggests the ECOWAS model could be replicated across the continent’s other regional blocks, encouraging Africans to tailor their own solutions to the cybersecurity problem.
“It might make more sense for countries in the same block to reach out to each other,” she said. “It’s no longer ‘you versus me.’ It’s ‘us.’”