Millions of new Africans connect to the internet every year, and governments and businesses are making enormous strides in digitization, bringing the continent into the mainstream of globalisation and spurring enormous economic growth.
Unfortunately, cybercrimes are rapidly increasing at the same pace. Cybercrimes have no borders and they are different from conventional crimes.
Above all, the criminal techniques are swiftly changing. In Africa for example, cybercrime is estimated to cost $4 billion a year.
This is a clear indication that cyber-attacks are a real threat and that cyberspace is not a safe environment.
Evidence may be derived from social media where irresponsible individuals have been spreading propaganda such as publishing doctrines promoting violence, extremism, recruitment and training of potential terrorists and transferring confidential information.
It is clear that if authorities fail to intervene immediately, this can be an opportunity for cyber criminals to advance.
Combating cybercrime starts with the authority responsible for the country’s security, to establish a cyber-security policy.
This can be followed by regulatory and legal infrastructures, cybercrime units, organisational institutions and public awareness. The more these strategies take time to be put in place, the faster the cybercrimes.
It is hoped though that all African countries will enact cybercrime legislation. In addition, there should be sustainable public awareness programmes on cybercrimes. Previous cyber-attacks in many African countries should serve as a wake-up call.
Cybercrime is also a global challenge. The evolving cybercrime landscape and resulting skills gaps are a significant challenge for law enforcement agencies and prosecutors, especially for cross-border enforcement.
Its control needs joint cooperation and Africa is, without doubt, part of it. However, the continent needs to put a strong and workable institutional framework first so as to be fully involved in the war against global cybercrime.
The policy protects information and builds the capability to prevent cyber-attacks through developing cyber security skill sets, cyber crisis management, critical infrastructure protection, public and private partnership security issues and other related policy issues.
The general objective of the cyber security policy is to make the country safe in cyberspace, by taking care of different aspects, including strengthening regulatory control, promoting of research and developments and securing the critical infrastructure.
Governments and private organisations have sensitive resources that need security. These include banks and other financial institutions which have been victims of cyber-attacks, some of which have lost millions through ATM and mobile banking thefts.
It is the responsibility of the bank and an individual who operates an account to ensure that his or her money is safe. Anything wrong with the money or transaction involving a third party means that one party must be liable.
The bank is required to ensure the customer’s transaction is safe, by preventing ATM and credit card fraud, phishing and money laundering.
Banks need to have a cyber security policy. The learning institutions need to include cyber security in their curriculum to enable lawyers, advocates, regulators, IT professionals, policymakers, managers and other people involved in security to be able to combat cyber security in their organisations.
It is through security awareness programmes that organisations can develop, grow and maintain the culture for their employees, vendors, and suppliers.
The country may also take advantage of international events like ‘Cyber Security Awareness Month’ and ‘Data Privacy Day’ to run national-level awareness programmes. Many CEOs and managers think that cyber security is technical and not a business problem.
This is a wrong perception. Reading culture builds the enthusiasm and skills for lifelong learning. Cyber security basic knowledge doesn’t need one to be an engineer or scientist.
There are a number of websites where an individual can learn a lot about security. Public awareness of cyber security seems to be very low.
Many people are using their date of birth, phone numbers, and other simple passwords which are easily identified for their mobile and ATM cards.
Cybercrime in social media is creeping in and this includes, the spread of weird and frightening pictures and explicit content.
Sharing password among members of family, friends and sometimes to unknown people claiming to be working in Telecommunication companies and banks have been used by many citizens to create a loophole for cybercriminals.
Yusuph Kileo is an expert in the field of cybersecurity and is a board member of the Africa ICT Alliance.