Chinese cybercriminals invading Africa

November 5, 2014

As Africans increasingly conduct their daily activities such as mobile banking, shopping and social networking on mobile devices, cyber criminals from China are targeting these devices that have become an integral part of Sub Saharan Africa population lives.The continent has seen a spike in cyber-attacks in the last few years. Now, the security experts have warned that Chinese nationals are orchestrating to hit innocent Africans where it hurts the most – mobile money transfer transactions. This is where most suffer loss in their cash during downtime and more importantly, for mobile network operator’s long term damage to their reputation and credibility. There is no doubt that mobile money retailers need systems to help monitor the threat landscape to identify latest attack techniques and trends. While this may be a time-consuming task that leaves many security experts without answers what their real threats are, many security vendors and partners serve as trusted resources on the topic. It is important to leverage these resources and make informed decisions.

Given the rapidly changing nature and attack techniques, mobile network operators and other mobile based money transfer service providers need to quickly adjust their defenses and avoid exposure to their business. It is important to ensure that their and customers security investments are aligned with the goals of their platform. Too much security can hinder the users’ experience but too little security creates exposures that if exploited erode brand value and worse, could result in fraud and unauthorized disclosure of sensitive customer information as happened in several highly publicized cases in Kenya, Uganda and Tanzania. Information security is very much an ongoing and repetitive process. Depending on the size of the company and number of customers, securing a system can be a full-time job.

Chinese attackers are said to be working overtime to poke holes in operators’ security measures, so it is essential that experts in such companies are up-to-date on the latest threats and trends, constantly re-evaluating the rules implemented. If Mobile operators do not have the time to manage these processes themselves, they must ensure that they are working with a trusted third party who will monitor threats and update the defenses regularly. However, despite all best efforts, sometimes cyber adversaries like the Chinese cyber criminals operating in African countries have proved, they are still able to get through the defenses. It is important for mobile money agents to have a comprehensive security and incident response strategy in place to prepare themselves for a potential security breach. It is never fun to be scrambling for a response protocol in the midst of a cyber-attack.

Contador Harrison