East African region faces sophisticated cyber attacks in 2014
As East African countries move towards a ubiquitously wired operations, the consequences of successful cyber penetrations of sensitive government details, business, banking and the telecommunications systems will increase dramatically and yet the region has failed to tackle the escalating problem in the region with more than $70m having been reported to be lost through banking fraud and cyber related crimes. Businesses and enterprise organizations around the East African region are likely to experience more sophisticated cyber onslaughts next year after a regional study revealed the volume of attacks will increase. Cybercriminals in the region are expected to rely more on highly advanced malware that have a higher risk of detection unlike other cyber weapons being used in western world. Online crooks in Kenya, Uganda and Tanzania have been using lower volume and specifically targeted attacks through stolen identity fraud and then using those credentials to move unilaterally throughout infiltrated networks. It is time for the East African governments to get serious about the growing cyber threat to region’s critical infrastructure and strategic competitiveness, which are of seminal importance to the East African Community prosperity and regional security.
Theft of intellectual property and financial information, as well as the compromise of state secrets and technological innovations has made it possible to criminals to target individuals and organizations that can hardly publicly acknowledge breaches of their computer security systems despite the fact that many businesses and government agencies have been experiencing significant cyber losses and disruptions. Studies in the region have predicted cybercriminals will focus their attacks more on data stored in the cloud versus data stored on the network. In addition to that, cyber attacks will be more diverse and data destruction incidents will increase significantly with Kenya being the most vulnerable country in the region for being the most wired country as well. Most security software used in the region remains extremely exposed to exploitation while others are running outdated and older versions. The problem will only get bigger as mobile and Internet penetration continues to grow rapidly and hardest part to come to grips with cyber intrusions is the heterogeneity of the attackers, the difficulty of proving their culpability and the increasing sophistication of the methods. In Tanzania, Kenya and Uganda attackers consist of individual crackers, hackers and regional criminal organizations largely made of non East Africans. Eastern European and West Africans who have been arrested in cyber criminal related activities in the region have cited their motivations as the illicit plans to make profits.
The aim of cyber criminals is to steal quietly without disclosure and anonymity has made it extremely difficult to prosecute them in courts of law. In the longer run, the electronic plundering of East Africa’s commercial and technological secrets may be the greatest of the many cyber threats the region will face from 2014 onwards. Given the seriousness of the threat, governments in the region will need to ensure there are available requisite technical knowledge, regulatory power and authority to manage the cyber attacks and deter attackers. The responses in East African countries have been low-key as fewer leaders seem to appreciate and understand the gravity of the crime. Me think there is need to establish a regional multi-agency Cyber Security Operations Centre tasked with evaluating cyber threats and coordinating the defense against them. There has been a gap in concerted effort to educate the still largely unsuspecting public especially the illiterate population. Regional public awareness campaign should be a critical first step towards a national cyber security strategy, since adherence to basic computer security procedures would substantially reduce the success rate of cyber attacks in the region and regional security chiefs needs to make an effective case for better Internet and mobile phone security otherwise the East African countries will continue to face a benign operating environment. As the East African region become a more wired society, the destabilizing consequences of a paralyzing strike against critical infrastructure will move from the realm of fiction to a grim reality that would be fatal and hard to undo.