ADF STAFF
By all accounts, Africa’s post-pandemic future looks bright because innovation, enthusiasm and technology will support economic growth in 2022. But there is a dark side to that sunny economic future — cybercrime.
The continent is home to a youthful, tech-centric population. It has the fastest-growing mobile phone and internet networks in the world and makes the most use of mobile banking services.
Unsurprisingly, Africa is witnessing a surge in cyberattacks.
It has become a major priority for the African Union Mechanism for Police Cooperation (AFRIPOL), which recently partnered with the International Criminal Police Organization (Interpol) to warn countries of the threat.
“Cybercrime is one of the most rapidly developing offenses among the fastest growing forms of transnational crime facing member states of the African Union,” AFRIPOL Executive Director Tarek Sharif wrote in Interpol’s “African Cyberthreat Assessment Report 2021.”
Interpol Director of Cybercrime Craig Jones said criminals are exploiting vulnerabilities across the region and taking advantage of “variations in law enforcement capabilities across physical borders.”
“INTERPOL’s regional cybercrime strategy for Africa provides a robust framework for sharing intelligence and coordinating action to strengthen the law enforcement response across Africa and beyond,” he said on the organization’s website.
According to cybersecurity experts, these are the top threats and trends for 2022:
Ransomware
The fastest-growing form of cybercrime, ransomware attacks occur every 11 seconds worldwide.
Cybercriminals hack or infiltrate computer systems, encrypt critical data to block access, then demand a ransom to restore the system’s functionality.
South Africa’s state-owned Transnet organization faced an unprecedented cyberattack in July, which severely disrupted its services.
The Institute for Security Studies noted that it was the “first time the integrity of South Africa’s critical maritime infrastructure has been severely disrupted.”
The attack is believed to have suspended the automated and online container-handling facilities in Cape Town and Durban, the busiest port in Sub-Saharan Africa.
In its “State of Ransomware 2021” report, software security company Sophos surveyed South Africans and found that 24% had experienced a ransomware attack in the past 12 months.
On the continent, South Africa and Zambia are among the countries hardest hit by ransomware, the report stated.
The average cost to recover data stolen in industrial ransomware attacks in South Africa was $447,097.
Writing for South African website ITWeb, François Amigorena, founder and CEO of IS Decisions, described how ransomware has become the continent’s dominant cybercrime.
“Never before have companies in Africa been subjected to extortion on such a massive scale as they are today. And while there have been a number of high-profile cyber-crime arrests made by law enforcement over the past few years, cyber criminals continue to evolve and diversify their arsenal.”
Fraud
Fake websites, emails and text messages claiming to be from legitimate sources are used to trick individuals into revealing passwords as well as personal and financial information.
A June survey by credit reporting agency TransUnion found 68% of South African respondents said they or their families had experienced fraud on social networks since the start of the pandemic.
TransUnion data also showed that digital fraud attempts against businesses increased 44% in the past year compared to pre-pandemic levels.
One expert — Ettiene Van Der Watt, regional director for the Middle East and Africa for video surveillance company Axis Communications — predicts digital scams will become harder to prevent in 2022 with the improvement of deepfake technology, in which media is manipulated to replace an existing image or video with someone else’s likeness.
“With improved methods of manipulating and altering images and videos, the authenticity of captured real-world events and people is compromised,” he wrote for South Africa’s TechMetro website. “This is not a problem exclusive to the security sector, but it is one that requires comprehensive solutions to overcome, such as applying digital signatures and verifying the source of data to specific hardware.
“The application of AI [artificial intelligence] also shows promise in being able to detect when manipulation has occurred. Regardless, this is a challenge that multiple sectors have to contend with and work harder to combat.”
Digital extortion
Another major trend in cybercrime is extortion, in which victims are tricked into sharing compromising information or images that are used for blackmail.
Only 30% of the South African public sector feels prepared for an onslaught of cyber extortion, according to Anna Collard of cybersecurity company KnowBe4 Africa.
“Cybercriminals are combining various methods to make their cyber extortion more effective,” she said in a statement. “Demands are getting bigger and the impact more pernicious to our economy and society as a whole.
“The fact that the sector admits it is not prepared for this, and the fact it is an attractive target, means that its security has to become a priority.”
Cryptocurrency
Scams to defraud victims of their cryptocurrency are on the rise as well. South Africa was one of the top 10 countries worldwide in which criminal networks received cryptocurrency from illicit addresses in 2021.
An August 2021 report by the Institute for Security Studies highlighted two cryptocurrency investment scams in South Africa:
“The world’s biggest crypto scam in 2020 was perpetrated in South Africa by Mirror Trading International,” the institute reported. “Using a Ponzi scheme, hundreds of thousands of victims were swindled out of US$588 million in Bitcoin.
“In April 2021, South Africa was again in the news with an even bigger crypto hack — this time by a company called Africrypt, whose two founders stole US$3.6 billion from investors in a matter of hours.”