Cybersecurity: the big picture in Africa

Across both the public and private sectors on the African continent, ongoing technology adoption, sophistication, the digitization of services and transformation of operational processes has meant that the horizon of cybersecurity risks has not just broadened but increased in complexity.

Beyond the risks to organizations and consumers, there are emerging and growing concerns about some cybersecurity incidents that could potentially destabilize countries and occasion economic hardships.

The enterprise and consumer threat landscape in Africa

With the current levels of technological sophistication, some of the more common enterprise threats on the continent, as well as the actors and their motivations, include:

Related:Five cybersecurity startups to watch

Factors driving cybersecurity risks

For the most part, increased technology adoption and digital transformation – including the rise of cloud computing and the uptake of mobile technology – have also brought many cybersecurity risks that need attention.

Mobile adoption has presented both businesses and governments with an additional channel to serve or engage with consumers and citizens and a medium through which payments can be made.

Cloud computing services, which greatly reduce capital and operational expenditure while allowing for agility and quick deployment of services, have been largely driven by improved and more pervasive connectivity options.

Within these technologies there are many threat facets:

Related:Africa faces increased cyberthreats, security skills gap – Cisco

Aside from external threats, within organizations a constant Achilles' heel is people. 

One of the biggest and most constant concerns has to do with end-users whose lack of awareness and inadvertent actions sometimes cause serious data breaches for the organization or for themselves.

Other drivers which cut across both public and private sectors include budget constraints (that don’t allow investment in requisite security measures); the absence of internal security policies (which would also encapsulate awareness efforts); standards for vetting equipment, software and processes; and systems architecture problems. 

Outside of organizations and away from technology, from a regulatory point of view, weak enforcement, and the lack of standards and incident response protocols are also major contributors to cybersecurity threats.  

For some sectors that are most vulnerable, like financial services, the responsibility for this spreads out to industry associations and different regulators.  

Related:Zimbabwe intensifies cybersecurity awareness measures

However, for sectors that are less regulated and more fragmented or less homogenous in nature (e.g. retail) there are still gaps which need to be filled.

The impact of cybercrime

Cyberattacks manifest differently ranging from:

Looking beyond the threats that affect businesses, governments or consumers, there are also actors with peculiar motivations pertaining to human rights, geopolitics, national politics and economic issues.  

This is a dominion where greater scrutiny may be required as the risks are not always clear and mitigation measures vary vastly.

Offshoring cybercrime

Several African countries have, over the years, touted themselves as great ICT offshoring destinations, based on the strength of improved infrastructure (connectivity and power), a growing skills base, low labor costs and great weather.

Some of these attributes have also appealed to criminal syndicates who have been setting up operations in several African countries.

African countries may not yet account for a big proportion of cybersecurity incidents or losses incurred – based on the relative size of different countries' economies – but they are increasingly playing a role in enabling cybercrime within and outside the continent.

Several countries are becoming hosts from which cybercrime attacks emanate as vigilance has mostly been from more problematic countries in Asia and Eastern Europe. 

Thus, criminal cells have set up their networks in countries from which traditionally attacks did not emanate from before.    

Several African countries are becoming hosts from which cybercrime attacks emanate. (Source: Image by DC Studio on Freepik)

West Africa stands out as one of the growing hubs for cybercrime.

Around mid-2024, The International Criminal Police Organization (Interpol) moved in on one of the more prominent criminal networks, Black Axe, whose operations span five continents and whose activities include online fraud, money laundering and cryptocurrency theft. 

Other factors that are allowing this offshoring of cybercrime include:

Hacktivism

In countries where there are human rights violations, issues around poor governance or corruption, "benevolent" hacktivists have taken it upon themselves to show allyship with citizens by disabling government websites and services in a bid to lend their weight to existing concerns. 

Going by the current trends noted by several African countries – in which the democratic space is shrinking or where citizens are more burdened by the excesses of the ruling class or grappling with the negative economic effects of corruption – it can be expected that this is one area of cybersecurity that will remain on the horizon for a long time to come.

Cyber warfare and espionage

Cyber warfare and espionage might be more pronounced outside of Africa but are likely to become even more common, especially in regions where hostilities exist between countries. 

In essence, nations have been known to direct hackers to either attack the systems of another country or start misinformation campaigns with varying end-games including social engineering, economic sabotage and political destabilization.  

While this has not been known to happen yet in Africa, it may be just a matter of time before it does.

Political problems

An interesting aspect of cybersecurity relates to regulations and measures instituted by governments, which in retrospect seem ostensibly to address the core issues, but which are perceived as levers to manage dissent, allow for citizen surveillance and other areas that may not always be in citizens' best interests.

When systems are put in place to curtail avenues of corruption and fraud, it is never in the interests of those responsible to ensure they are effective, which can result in the creation of deliberate loopholes for misuse.

This also opens a door for cybercriminals, some of whom may work in collusion with civil servants or politicians.

As it were, government systems are predominantly vulnerable to attack for various reasons including the use of legacy systems, lack of expertise and reliance on external providers. 

Most entities are particularly attractive, not just to cybercriminals but also to those with certain political motivations, because of the sheer volume of personal information they possess through the hundreds of services delivered online.

The path ahead

As governments, businesses and consumers continue to grapple with cybersecurity – and bearing in mind that some risks have been borne of increased technological adoption – there are more technologies coming down the line which make it even more imperative to put the right measures in place.

The use of artificial intelligence (AI) has grown in leaps and bounds over the past few years.

However, it has dragged along with it unsavory uses including the creation of deep fakes, data harvesting and algorithms which are all playing an additional role in cybercrime for financial fraud, phishing and social engineering.

Adoption of the Internet of Things (IoT) by different businesses and for varying use cases, is slowly adding to the end points which can be exploited to enter networks. 

These are sometimes part of a complex cloud architecture which, when poorly configured, may offer up additional vulnerable points.