The rate at which Africa’s digital space has been growing in recent years has been outstripping the rate at which governments are able to introduce cybersecurity laws to regulate and protect this unfamiliar landscape. Cybercriminals have exploited and continue to exploit this regulatory gap to their advantage. For the world of cybercrime, Africa has become the ideal hunting ground – a safe haven in which to operate with relative immunity, offering plenty of unprotected ‘low-hanging fruit’ for the taking.
Numerous reports in 2021 have drawn attention to the alarming levels of cybercrime across the continent. In August 2021, Liquid Intelligent Technologies surveyed companies in Kenya, South Africa and Zimbabwe, finding that 78% of companies in Kenya, 79% in South Africa and 82% in Zimbabwe had experienced an increase in cybersecurity threats over the previous year. Most of these threats were linked to new remote working platforms with which employees were unfamiliar and which they were accessing over insecure home networks.
Whilst cybercrime has surged under the Covid-19 pandemic, it has been rife in Africa for some time. Readers may recall such high-profile cyberattacks as Boko Haram hacking the personnel database of Nigeria’s National Security Agency in 2013; the discovery in 2018 that the entire contents of the African Union headquarters servers were being sent to Chinese hackers every night; and the City of Johannesburg’s website being hacked and held hostage for the sum of 4 bitcoins by a group known as Shadow Kill Hackers in October 2019.
The impacts of cyberattacks are incredibly damaging to African economies. It is the substantial financial losses that are most frequently cited. Serianu, a Kenyan cybersecurity firm, estimated that cybercrime had reduced African GDP by $4.12 billion in 2021. The most obvious way cybercrime causes this level of financial damage is by targeting individuals with online scams and attacking financial institutions, such as banks and investment funds. However, the impacts of cybercrime spread far wider than financial loss alone. Depending on the type of cyberattack, other impacts include security breaches, the suspension of public services, disruption to trade and business, reputational damage, and the mental health impact of personal attacks, such as the use of sexually compromising images for digital extortion. Many of these other impacts will also involve financial loss in some way.
To respond to the exponential growth of cybercrime in Africa, INTERPOL published the African Cyberthreat Assessment Report in October 2021. The purpose of the report was two-fold: firstly, to encourage African governments to pass and enforce more cybersecurity legislation; and secondly, to provide a detailed analysis of the most common forms of cybercrime in Africa. It is primarily the unfamiliarity of users with the emerging digital landscape that is driving the recent surge in cyberattacks. To remedy this, INTERPOL’s report draws attention to the five most prevalent forms of cybercrime in Africa.
Online scams – The dominant form of online scams in Africa is phishing. Phishing is the practice of sending fraudulent emails which purport to be from a reputable source, but are actually malicious attempts to scam victims, usually by getting them to click on a link.
Digital extortion – Digital extortion is a widespread cyberthreat in Africa. Cybercriminals attempt to coerce individuals by either claiming to possess, or proving that they possess, stolen data that the victim must pay to have returned or to keep from being leaked online. Cyberattacks of this nature will often claim to have material of a sexual nature – this is called sextortion.
Business email compromise – Business email compromise is a form of cybercrime that targets businesses and companies for the purpose of financial gain or data theft. Cybercriminals will hack a legitimate business email account and send fraudulent emails posing as the account owner, asking for the transfer of money or information. Cybercriminals will often target high-level CEOs and executives working in the financial sector.
Ransomware – Ransomware is a type of malware that encrypts and shuts down systems. Cybercriminals will typically then demand a ransom in exchange for decrypting the system and getting it back up and running. Ransomware attacks will usually target large organisations, trade and maritime business, governments and public services, sometimes shutting their entire operations down for a time.
Botnets – A botnet is a network of computers infected with bot malware, allowing them to be controlled remotely by a hacker. A botnet can then be used to send spam, launch ransomware attacks, disrupt regular services, or even be rented out to other cybercriminals.
Cybercrime in Africa primarily targets companies considered part of a country’s Critical Information Infrastructure. These companies are referred to as CIIs. A straightforward definition of a CII is an ‘institution of a country that, when disrupted, will disturb the economy, livelihood, and security of the citizens of that country’. Virtually every sector can be considered part of a country’s CII. Indeed, in July 2021 Ghana’s National Cyber Security Advisor identified CII sectors as education, finance, defence and security, ICT, transportation, health, government, mining, manufacturing, energy, water, emergency, and agriculture. This leaves few companies and sectors not at risk of cyberthreats.
Understanding cybersecurity law on the African continent is key to avoiding costly penalties and putting yourself on the right side of the law. Our new research report examines the legal cybersecurity trends, looks at the regulatory framework in 10 African jurisdictions, and highlights case studies across the continent.