Cybercrime attacks remain unreported in Africa

Posted on February 9, 2013 08:12 am

Cybercrime attacks are going unreported in Africa with most private and public organizations unaware of incidents while those aware of them trying hard to cover them for fear of ruining their reputations especially the banking and financial institutions. Unreleased Cyber security study in Africa has found that 87 percent of African businesses had not detected a single security incident over the past twelve months. Another 49 percent reported less than two incidents while 41 percent reported more than two incidents. This raises a possibility that some organizations did not even realize the attack, which is worse while others don’t want to report them. The unreleased report proves beyond doubt what another report titled: Linking Cybersecurity Policy and Performance (pdf), showed that poor countries and regions like Africa are most affected by the Malware attacks.

The report was authored by Microsoft’s Global and Security Strategy and Diplomacy team and authors use statistical analysis based on the number of times the company’s Malicious Software Removal Tool which is distributed to Windows users via Microsoft Update and was run, and the number of malicious applications it cleared. The paper comes up with a metric it dubs CCM to measure the level of exposure to cyber security risk. The paper outlines the statistical calculations used to arrive at its conclusions and according to the authors, the MSRT tool is run around 600 million times per month, providing a strong statistical basis for drawing conclusions about malware infections. This represents a large proportion of the global personal computer install base, making the results a reasonable proxy for overall Cyber security levels.Also, the paper indicates there are strong correlations between countries adopting measures and the levels of malware infection.

Since 2008, financial fraud has replaced viruses as the main threat for computer users in Africa and mainly in organizations that are grappling with semi skilled IT staff. According to the unreleased report, only a small number of organizations announce incidents. Most organizations try their level best to conceal it to avoid bad publicity and suffer in silence. The most significant source of industrial espionage in Africa are insiders who are responsible for over 85% percent of information theft according to the surveys and some internal threats are benign. Generally, the unreleased report shows that Cyber threats in Africa are serious and it’s now a properly organized crime.In countries like Egypt, Kenya, Angola, Uganda, Nigeria, South Africa and Tanzania, the perpetrators are using social media networks, search engines and even innocent looking PDF and word files to spread malicious software in the continent. According to research from software security firm Symantec, 431 Million adults around the world fell victim to cybercrime attacks in 2010 with more than ten per cent being in Africa.

 

Contador Harrison