SlideShare ist ein Scribd-Unternehmen logo

Cyber Security in Africa: Examining Threats Across Egypt, South Africa, Kenya and Nigeria/TITLE

IDG Connect
IDG Connect

Egypt has seen a sharp rise in cybercrime and malware in recent years. Political unrest led the government to shut off internet access during protests in 2011. Egypt now ranks third globally for phishing attacks and had one of the highest malware infection rates in Africa in 2012. The government is working to establish comprehensive cybersecurity laws and regulations but currently has only piecemeal legislation across various bills. Reducing software piracy by 10% could generate $287 million and nearly 2,000 new IT jobs for Egypt.

Technologie
1 von 17
Downloaden Sie, um offline zu lesen
CYBER-CRIME , HACKING AND MALWARE 2013 AFRICA As economies and technology thrive across Africa, IDG Connect investigates the state of cyber threats across the four corners of the continent. With spotlights on Egypt, South Africa, Kenya and Nigeria, this paper also presents local security opinions from experts on the ground. 19th October 2012
Africa Contents African Overview 3 Introduction 3 The Security Conundrum 4 Malware and Piracy 4 Regulation 5 Expert Opinion - Contador Harrison 6 Software Director, Somocon Oy, Finland Egypt : SP TLIGHT 7 Cyber-crime 7 Politics 8 Cyber-war 8 Expert Opinion - Pierluigi Paganini 9 Chief Security Information Officer, Bit4ld Group & Founder of SecurityAffairs.co South Africa : SP TLIGHT 10 Decline in Viruses 10 Pirates and Hackers 11 Overview 11 Kenya : SP TLIGHT 12 Open Season for Hackers 12 Fighting Back 13 Expert Opinion - Kostja Reim 14 Managing Director of Security Risk Solutions Ltd Nigeria : SP TLIGHT 15 People Power 15 Positive Action 16 Conclusion 17
Africa Introduction In the first decade of this millennium, the Economist found that six of the world’s fastest growing economies were in sub-Saharan Africa. This has only continued, and today the continent is renowned for its bourgeoning middle class, mall culture and rapid adoption of mobile technology. In a recent report from HSBC that predicted the top 50 world economies of 2050, there were substantial rises expected across Africa; Egypt is due to climb 15 places to 20th position (putting it four places ahead of the Netherlands, which drops nine places); whilst Nigeria is anticipated to rise nine places to 37th. It seems Africa is finally beginning to put its stamp on the global economic map. The African Development Bank expects most of Africa to comprise of a solid middle-class by 2030, with consumer spending power likely to hit $2.2 trillion. Not surprisingly, big businesses are starting to move in - IBM already has operations in more than 20 African countries, and this August announced plans to open its first tech research hub on the African continent, in Nairobi. News, research and economic reports all paint the same picture: Africa is on the up; change, development and opportunity are firmly on the horizon. However, like every positive story there is always a negative underbelly lurking beneath the surface. In Africa, like everywhere else in the world, progress is indelibly linked with IT and technology. And like everywhere else, technology has its downsides: malware, threats and cyber-crime. In the Western world the difficulty lies in constantly upgrading and securing IT whilst simultaneously retiring legacy systems; many countries in Africa may provide a virtually blank slate, but do they have the knowledge to maximise this potential? To give some global context, the US has a 78% internet penetration (World Internet Stats), whilst Nigeria - which has the highest levels in Africa - stands at only 29%. South Africa - which has the largest economy on the continent - is currently at 14%. Mobility aside, with the African market so new, as IT levels improve is Africa really equipped to remain secure? Nigeria Egypt $235.92 Billion GDP $229.53 Billion GDP 29% Internet Penetration 26% Internet Penetration Nigeria’s infamous for Egypt has seen a sharp rise cybercrime and the notorious in malware and cyber-crime ‘Nigerian Prince’ emails still in recent years. feature prominently. Kenya $33.62 Billion GDP 26% Internet Penetration Kenya’s chronic hacking problem and general lack of internet security is currently being addressed South Africa by the government. $408.24 Billion GDP 14% Internet Penetration South Africa’s relatively under-developed infrastructure makes its high rates of cybercrime all the more alarming. 3
Africa The Security Conundrum As the IT sector continues to grow, concerns about security will only rise. Greater accessibility means more opportunities for criminals to exploit naive users, and inexperience with technology increases the chance of encountering viruses and malware. Ill-prepared governments and businesses can also suffer at the hands of hackers taking advantage of the inadequate protection put in place. Each area of Africa is unique, however, there are some notable trends; skills shortages and lack of education on potential cyber threats seems to be a recurring theme, and levels of viruses and malware are significantly higher to other regions, such as Europe. The aim of this report from IDG Connect is to investigate how Africa as a continent is coping with IT security. This is no simple task; it is a very diverse region, with approximately 30 million square kilometres of land mass, 57 countries and (by estimates) as many as 3000 languages. So, in order to make this as digestible as possible we decided to focus on four pivotal countries, which tie together the four corners of Africa: Egypt, South Africa, Kenya and Nigeria. Throughout this report we attempt to collate the wealth of information available in order to provide a cohesive snapshot of security across the continent. Malware and Piracy Malware infection rates by country According to Microsoft’s Security Intelligence Report for the (per thousand computers) - 2011 second half of 2011, malware infections in Africa are higher [Source Microsoft Security Intelligence Report] than the worldwide average. The infection rate in Egypt which has been on the increase over the past two years, is now the highest in Africa and among the top five worldwide. 20+ Worms were also a common problem, and phishing sites were much higher than the worldwide average in Algeria and 15-20 Tunisia in 2011. 10-15 Africa traditionally has a high rate of software piracy. 5-10 According to BSA’s 2011 study, the average in the region is around 73%, and there has been little change in recent 0-5 years. In fact, parts of Northern Africa have seen a slight rise between 2010-2011, possibly due to the Arab Spring Morocco Nigeria France Australia Canada Algeria US Egypt Kenya SA uprisings. Aside from the financial loss (approx. $1,785M), this high level of unauthorised software is likely to add to the region’s virus and malware woes. 4
Africa Regulation In order to address security, governments are now looking to introduce wider-reaching cyber-security laws. Many African countries currently have no laws, or have piecemeal legislation in other bills. To remedy this, much of the continent is looking to pass regional cyber bills that allow countries to work together in preventing crimes. All 15 countries in the Southern African Development Community (SADC) have, or are in the process of passing, a cyber- bill. The East African Community (EAC) is on track to have a common cyber-crime bill for the region, while the Economic Community of West African States (ECOWAS) has yet to adopt such a policy. As well as legislation, nine countries also have their own Computer Emergency Response Teams (CERT). SADC countries that have crafted cyber-crime legislation to curb computer-related crimes SADC countries that are crafting cyber-crime legislation to curb computer-related crime Will be involved with East African Community (EAC) joint cyber-crime laws Have a Computer Emergency Response Team (CERT) 5
Africa Expert Opinion Contador Harrison, Software Director, Somocon Oy, Finland  African Union must act to reduce cyber-crime The current situation in Africa cannot be allowed to continue because internet crime, intellectual property, and identity theft are thriving, and a good number of continent heavyweights have now begun to prepare for cyber-warfare, yet close to half of their population are living on under a dollar per day. Criminal organizations are making hundreds of millions of dollars and appear to be re-investing to develop new and more sophisticated scams in the continent. African governments must act to reduce cyber-crime and to secure the key systems and infrastructure in the continent. African governments must not launch their e-government systems until security can be guaranteed. If necessary, they should only be utilized on a separate network through a secure network for key national systems and infrastructure. One of the most important services on the Internet today is still one of the most insecure, and that’s email. The fastest way for a criminal organization to breach security is through the use of email. It is fundamental that the use of SSL certificates for SMTP server to SMTP server communications and the use of SSL certificates for SMTP server to client communications be implemented first. I do also feel that most countries need new legislations that will set out a path towards Africa having two separate networks. One would remain the public Internet and the other would be a secure network for key national systems and infrastructure. Also, I feel it is important to make it clear how authorities disconnect parts of the network and to disconnect countries from the African countries network should be detailed. Protocols need to be put in place for these actions to occur and it must be decided who will carry out the actions. Legislation should set out a timeline and framework whereby equipment and systems suppliers will be required to improve their products with safety and security in mind because this has been a thorn to some governments in East and Southern Africa. Certain well-known security flaws in the way computers are made and sold must be identified in the legislation and made illegal, especially in East and Southern Africa countries where rogue suppliers thrive by selling substandard and refurbished computers which are sold at the same price as new ones. One of the many cases I have witnessed in African countries I have visited - Operating Systems are sold without adequate integrated anti-virus and anti-malware capability. I have always argued in the past that all computers connected to the Internet should be registered and the computer operating system should report the computers’ state, including the health of the anti-virus and anti-malware checks. If you look at the automobile industry in the continent, which is also growing at a very fast rate, registration is mandatory for any vehicle utilizing public roads in any country within the African Union member states. In 12 African countries I have visited, car roadworthy checks are carried out randomly and whenever a vehicle is sold, valuers have to value it afresh before a new buyer acquires it. African Union, Africa’s governing body should take the lead by working with its member states to identify and try to solve some of the issues with the internet. But the pace of this continental effort is glacial and more needs to be done to reduce cyber- crime in Africa. 6
Africa EGYPT : SP TLIGHT It’s hard to talk about IT security in Egypt without going into politics. The uprising and recent elections have had a big impact on almost every aspect of life in Egypt, and the world of IT is no different. As one of the continent’s biggest economies, and just coming out the other side of civil unrest, the new government has a lot of work ahead of it. While cyber-security seems to have improved in recent years, since last year’s uprisings, things appear to have deteriorated. Unlike many parts of Africa, Egypt has a relatively well-developed IT landscape. It has infrastructure, 3G in the cities, a competitive and affordable telecomms sector, and a well-trained IT workforce of around 200,000. Mobile penetration stands at 112% - over 90 million people - while the region's internet boasts 30 million users, of whom around 22% shop using E-commerce, and many think Egypt is poised to emerge as a major player in the information economy. 112% mobile penetration 26% internet penetration [Sources: World Internet Stats, Egypt Ministry of Communications and Information Technology] According to BSA’s most recent global software piracy study, Egypt’s levels of pirated software stands at around 60%, slightly higher than the average in the region, and totalling a value of $172m. The government has said it has plans to curb piracy and intellectual property abuses which, according to the IIPA, could “generate US$254 million in GDP, US$33 million in additional tax revenues and 1,978 new IT jobs” if the piracy rate was reduced by 10% in four years. Cyber-Crime While there were relatively few targeted cyber-attacks originating out In 2010 Egypt was named by of North Africa last year, Egypt isn’t crime free. Despite Damballa Labs Kaspersky Labs as one of claiming “Egypt isn’t a global player in cyber-crime,” history seems to disagree. In 2010 Egypt was named by Kaspersky Labs as one of the the top sources of password- top sources of password-stealing Trojans, and the year before, Egyptian stealing trojans, and the year hackers were involved in one of the world’s largest cyber-crime criminal before, Egyptian hackers were court cases. More recently, Websense named Egypt third for countries involved in one of the world’s hosting phishing fraud in this year’s Threat Report. While it totalled 6.8% largest cyber-crime criminal of worldwide phishing, the report noted it had experienced a large rise in the last year. Whether this is related to the recent political turmoil is hard court cases. to tell. This year’s Microsoft Malware Protection Center figures shows that last year Egypt had one of the highest malware detection figures on the whole continent, which may be due to a high number of people using older versions of internet browsers, which are always more vulnerable to attacks than up-to-date software. 7
Africa Politics Between 28th January and 2nd February 2011, Egypt was one of, if not the, first users of an internet ‘Killswitch,’ where the Egypt ranking for worldwide phishing: government essentially shut off the entire internet in the country with aims to stop protestors communicating. The move wasn’t 3rd popular, but did lead to other countries contemplating similar ideas. Interestingly one of the earliest ways this shut-off was discovered by those outside the country was through malware monitoring. In retaliation, the hacktivist group Anonymous launched ‘Operation Egypt’, bringing down four government Egyptian computers infected by FLAME malware: sites with DDoS attacks, while spammers used unrest to target people looking for news on the subject. 5 Now that peace has returned to the country (though the internet freedoms are said to be strict), the new government can get on with addressing new cyber-crime bills. Currently there is no comprehensive cyber-space law, though there are piecemeal parts across other separate bills. An unregulated internet is a breeding ground for hackers and criminals, and something Estimated savings from reducing software concrete needs to be put in place as soon as possible. Despite piracy by 10%: these problems, the government is moving towards better cyber security. The Ministry of Communications 2011 round up explains how the Egyptian Computer Emergency Response $287million & 1978 jobs Team (EG-CERT) is working internationally to help combat [Sources: Websense, Kaspersky Labs, IIPA] cyber-crime, which is a good sign. Cyber-War The recent Flame attacks that struck Iran and other MENA countries (including Egypt) have brought state-led cyber- attacks and the general idea of ‘cyber-war’ to the foreground, and it seems the Egyptian government had similar plans of their own. Around April last year, it came to light that a UK firm offered custom-made malware to Egyptian Security Services. Consisting of a “remote intrusion solution,” the total deal was projected to cost the government just over $350,000. Meanwhile, a new Persian-born trojan was discovered spying on Egypt’s Middle Eastern neighbours only recently. While these state-sponsored attacks may become a common occurrence in the coming years, Egypt would do well to rise above the regional political quagmire and avoid trying their own versions of these attacks. Though out of government hands, Egyptian hackers have been reported as going specifically for Israeli websites. Last year Israeli Prime Minister Benjamin Netanyahu’s own site was hacked, placing an image of Egyptian soldiers raising the Egyptian flag in Sinai, while in April, Barack Obama’s Israeli site was hacked by the group known as ‘TeaM HacKer Egypt’. Egypt is at a crossroads. The fledgling government needs to be careful in getting the balance right. They need a new set of laws and policies that help tighten security and reduce problems with hackers and phishing, but without oppressing the people and suffering the inevitable pushback from hackers and a vocal youth unafraid of showing their grievances. 8
Africa Expert Opinion   Pierluigi Paganini, Chief Security Information Officer Bit4ld Group & Founder of SecurityAffairs.co The African challenge is one of the most interesting adventures in the cyber security landscape; despite adverse political and economic events, the continent is demonstrating an impressive increase in technological demand. According to statistics, Africa has an internet penetration level of 13% with a relative growth of 2,988.4 % in the period 2000-2011 - an unparalleled rise. With such numbers and growth, cyber security assumes a fundamental importance. Egypt, for example, has a mobile penetration of 112%, and more than 20 million internet users, but it’s clear that the level of exposure to cyber threats is really high, and is likely to increase. The entire region of North Africa represents a valuable market in cyber security, an opportunity for both African and also foreign businesses. Looking deeper into cyber security in North Africa, it is worth noting that despite a low number of state- sponsored attacks, the countries still suffers from cybercrime. In 2011 was discovered Operation Phish Phry, which was conducted by Egyptian-based hackers who obtained bank account numbers and related personal identification information from an unknown number of bank customers with a phishing campaign. Meanwhile, according to the Websense Threat Report, Egypt is third for countries hosting phishing fraud with a total of 6.8% of worldwide phishing. The African hacking underground is considered one of the most interesting; according to researchers of Kaspersky Lab, Egypt is one of the primary users and designers for cyber espionage malware. Where this is the case, the commitment of governments and mutual collaboration are important factors to successful introduction of technology on a large scale. Good strategy will involve the creation and the strengthening of Computer Emergency Response Teams (CERT) for the monitoring of cyberspace and of course, as usual, the engagement of common people in the new digital experience. The Middle East and North Africa (MENA) countries are at a delicate historic point where a suitable cyber strategy could significantly influence their development in the mid- and long-term. Increased investment in cyber security is an obligation, not a choice, in order to avoid disastrous consequences for everybody, because cyber space has no borders. 9
Africa SOUTH AFRICA : SP TLIGHT Despite being the largest economy on the continent, making up 30% of the total income of the continent by some estimates, South Africa is struggling with a range of issues typically associated with emerging markets. In 2009, a carrier pigeon proved quicker than broadband at relaying information from one side of the country to the other. And now, despite the addition of undersea broadband cables, rural areas lack proper communications infrastructure and connection speeds are still incredibly slow. What is more, despite relatively low numbers of internet users, South Africa ranks higher than it probably should on cyber-crime statistics. Computers infected 8.1 with Malware in SA 7.1 World average 14% internet penetration Computers infected with malware per 1000 [sources: Microsoft Security Intelligence Report, Internet World Stats] Decline in Viruses While the number of viruses in the country is relatively high, the good news is that the figures are declining, albeit slowly. The number of worms decreased in the last quarter of 2011 by 0.9%, while trojans were also down. According to Microsoft's Malicious Software Removal Tool (MSRT) there was malware detected on 8.1 of every 1,000 computers scanned in SA in the fourth quarter of 2011, compared to the worldwide average of 7.1 for the same period. While still unacceptably high, it has been declining all year, thanks to improving local security tools, so progress is being made. A report on SA security by WolfPack provides some really useful insight into how businesses approach security. This shows 93% of companies have tools to capture and report on risks, and around 60% expected a rise in their security budget next year. However, some worrying stats show almost a third of companies have no defined cyber- forensics process, and over half have problems with budgets, enforcing policy and security, data leakage and lack of commitment from management. The most common incident on the rise is online fraud, with over 20% reporting an increase in the last 12 months, while second was device theft (also rated as decreasing the most). 67% 46% 41% 84% of SA companies expect didn’t spend anything won’t spend anything of South Africans have a rise in their security on security awareness next year been a victim of cyber- budget next year this year crime (Value $573M) R150billion Estimated loss to insider fraud per year ($18.3 billion) [Sources: Wolfpack, Norton, Supervision] 10
Africa Pirates & Hackers While software piracy stands at around half the levels of its BRIC counterparts, according to BSA around a third of all South African software is pirated, well above the likes of the US (21%), but lower than most of Africa. Using pirated software always runs the risk of introducing viruses, and needs tackling if SA wants to improve its security standards. Reducing piracy rates can be a difficult task however, and piracy rates have remained unchanged for several years. Software Piracy [Source: BRICS] 2010 2011 78% 77% 65% 63% 64% 63% 54% 59% 58% 53% 35% 35% Country: Brazil Russia India China SA BRICS Average Value in 2011: $2,848M $2,659M $2,930M $8,902M $564M $3,581M Despite the hacking of the ANC Youth League’s website last year, hacking in general hasn’t quite reached the same levels as other countries (there’s no ‘Anonymous SA’ for example), with an average of one or two major stories hitting the news each year. So far, this year’s big hacking story was a cyber-bank robbery on New Year’s Day, where the thieves managed to steal $6.7m over 72 hours. Norton’s cyber-crime figures for SA are estimated to total $573M, with 84% of people having been a victim at some point. And although the number of phishing attacks on the country are down by 11% year on year, they still run into the millions. Overview Although a decrease in attacks does sound like a good thing, it may be a result of South Africa’s low number of internet users, who make up around 14% of the population (though growing quickly). To add to this, there is a skills shortage in the IT sector, which could be slowing down the development of the country. The World Economic Forum’s Global IT Report said of SA: “Important shortcomings in terms of basic skills availability in large segments of the population and the high costs of accessing the insufficiently developed ICT infrastructure result in poor rates of ICT usage,” despite efforts from businesses to integrate IT into the workplace. According to iC3 figures, Rural areas of the country are especially at risk, after one study from SA ranks 7th in the ResearchSpace.csir found “a large portion of the South African population that has not had regular and sustained exposure to technology and broadband world for cyber-crime, internet access [could] expose local communities to cyber threats.” According surprisingly high for a to iC3 figures, SA ranks 7th in the world for cyber-crime, and has hovered country with relatively few around the same position on the list for a good few years. These numbers are internet users. surprisingly high for a country with relatively few internet users. Despite some of the problems, back in Pretoria the government is taking steps to improve security. Its new cyber- security policy aims to create a more secure digital environment through awareness programs aimed at both the public and businesses, better research and skills, and establishing a National Cyber-Security Centre. Overall South Africa has less trouble with hackers and both businesses and governments are taking steps to improve education and protection. However problems with viruses and fraud do still remain. 11
Africa KENYA : SP TLIGHT Kenya is fast becoming a major player in the IT sector. East Africa's biggest economy has undergone something of an IT revolution in recent years, with the sector outperforming other more traditional ventures such as agriculture and manufacturing for a few years now. But lack of skills and protection is leaving computers extremely susceptible to viruses and hacking. KENYA SA $71.4b $555.1b $36m $573m Crime cost as a % of economy = 0.05% Crime cost as a % of economy = 0.01% US $15.1tr Size of economy Estimated cost of cyber-crime each year $32b [Sources: Daily Nation, IMF, Norton] Crime cost as a % of economy = 0.02% According to World Bank data, mobile subscriptions actually outnumber adults in the country, and as with many markets, the rise of Kenya’s Generation Y, combined with affordable smartphones, internet and social media have all been a key influence on this rise. Of the 17 million people on the Internet, 6 million are mobile internet users, and that number is rising steeply. Kenya seems to be going towards a wholly mobile internet set up. But perhaps because so few people are hooked up at home (around 2% have home computers), this could be the reason Kenya is vulnerable and open to attacks. Open Season for Hackers Recently, workers from the Kaspersky Lab said 20% of computers being used in Kenya are vulnerable to viruses, and the number is rising. They attributed 17% of that to the use of free software downloaded from the internet, saying ignoring updates left them vulnerable, and pointed to the government to create proper regulations on cyber-crime. Less than half of SMBs think staff are properly Meanwhile a research paper from the Jomo Kenyatta University of Agriculture and Technology on Kenyan SMBs found some very worrying statistics. Less trained to secure their than half felt they had documented information security policy, roughly the computers properly at same amount thought staff were properly trained to secure their computers all times. properly at all times, fewer than half had a business continuity plan in the event of a disaster, while almost half weren’t aware of international information security standards available for organisations to adopt. This level of negligence and ignorance is dangerous, especially when novice hackers are targeting the country for fun and succeeding every time. Proper training and business strategies are key. 12
Africa But it’s not just ignorance and possibility; Kenya’s security problems are very real. Forensic experts are claiming cyber-crime poses the biggest challenge to organisations and the police, and already costs Kenya almost Sh3 billion ($36 million) every year. Organisations are being urged to employ Forensic Certified Public Accountants (FCPAs) to try and counter the problem. Aside from cyber-crime, your average ‘hacktivists’ are targeting Kenya for fun and practice. Last year, an Indonesian student-hacker known 42.8% as ‘direxer’, took down 103 government of Kenya web sites overnight. 20% Part of an online Indonesian security forum known as Forum Code Security, the hacker said he took down Average ‘hacktivists’ the web sites following tutorials from are targeting Kenya for the forum. That followed a year after Kenya fun and practice. One another hacker attacked and disabled hacker took down 103 the official police site, and two university hacks, one to change exam results government of Kenya and another to clear student fees. web sites overnight by Clearly this should cause concern. If following tutorials from government and academic institutional % of SMBs in Kenya who have an online forum. sites are being hacked so easily, there’s not security trained their staff nothing to say local businesses are in any more of a secure position. Various blogs online offer some advice for % of computers in Kenya basic security but there are some serious questions that need answering, vunerable to viruses not by blogs, but by the government and the private sector to really address what is a lack of adequate protection. [Source: Kaspersky, cscjournals] Fighting Back The business level responses so far have seen Techno Brain, an IT solutions company, starting to offer hacking forensic courses to banks, government agencies and other corporates, while Kenya Methodist University (KeMU) launched a string of professional courses in IT security, in an attempt to plug some of the holes these attacks have highlighted. The government is moving in the right direction too. Last year they set up their own Computer Incident Response Team (CIRT) to combat the problem, which aims to deal with incidents, promote security, issue warnings, and generally try to address the issues the country has with security and bring it up to scratch with the rest of the world. However, the government is also making some not so great decisions. Its new Information Protection bill has been labelled ‘flawed’ by the Kenyan chapter of the International Body for Professionals in Audit and Information Security (ISACA), who said it was a step in the right direction but left holes open for misuse. New monitoring devices installed by the Communication Commission of Kenya (CCK) are worryingly Big Brother, though they promise they are for assisting in early detection and prevention of cyber-crime incidents, and have said, “It is a passive system and not a tool for spying on users. The system cannot be used to block access to the internet at all.” This monitoring of the public web traffic is very worrying for people. Clearly Kenya has some serious security issues that need addressing. This isn’t to say they are the only victims, as seen by the recent attacks on the likes of Sony and LinkedIn, but a major government site being brought down by a lone student makes it clear security isn’t good enough by any stretch of the imagination. The lack of knowledge and skilled workers also need to be tackled, otherwise East Africa’s biggest economy may become a hacker’s paradise. 13
Africa Expert Opinion Kostya Reim, Managing Director of Security Risk Solutions Ltd In a country pained by poverty, famine, refugees, war on Somalia and terrorist attacks; one would not believe that Information Security was an everyday topic. Indeed, priorities are a little different and have been, understandably, for the last decade as the country progresses on its Vision 2030 implementation. Kenya as the business and financial hub of Eastern Africa is slowly gaining back its powerhouse reputation once gained in the 70s, and is a vastly growing center in the region. Even though the cost of living keeps at par with the ever-increasing global trends, the spending power of Kenyans is manifested by the mushrooming shopping malls and office buildings in the cities and suburbs. Convenience is a regular requirement during the busy and traffic-affected days and therefore the uptake of Internet (on Mobile), Mobile Banking (M-PESA), Internet Banking, Credit Cards and eCommerce has been massive and overwhelming. Information Security’s biggest driver is compliance and so it has been in Kenya. The regulators have defined very clear guidelines and issued directives that are clear and implementable. This includes PCI DSS controls, regular penetration testing, and guidelines for security in Internet Banking, as with the recent changes of the Prudential Guidelines issued by the Central Bank of Kenya. Many banks, merchants and payment processors are undertaking PCI remedial projects and placing controls where previously have been none. Investigations into computer abuse and fraud have resulted in many more convictions as the changes in telecoms and evidence acts have now reached the courts of law. The media has become infosec aware and report on issues of breaches and developments regularly and with depth. The government has recognized the risk and made information security a key requirement in their e-government strategic plan. So clearly, Kenya is on its way, development and infosec wise, thanks to a great number of technology professionals making the lives of Kenyans more convenient and technology-enabled every day, sometimes with mishaps that put them at risk... 14
Africa NIGERIA : SP TLIGHT Nigeria boasts a 29% internet penetration rate, the highest in Africa, yet has suffered for years with 419 scammers. Though not as bad as it was once, the infamous Nigerian prince scams have certainly had an impact on the country’s reputation. 2015 70m 2012 45m $200m annual cost of cyber-crimes to the Nigerian economy 0m 50m 100m [source: IT News Africa] Nigerian Internet Users, [source: The Guardian Nigeria, Internetworldstats] Like many African countries, Nigeria suffers from an underdeveloped and unreliable fixed-line infrastructure. However, that hasn’t stopped it topping 45 million internet users, the highest number on the continent. But with such large numbers come many dangers. Emerging markets across the world are suffering at the hands of targeted hackers and malware due to insecure websites and “Nigeria, being a fast poorly-trained staff. And on the whole Nigeria is no different. emerging market... risks Though the country may be aiming to have 70 million internet users by 2015, higher foreign invasion of Symantec has warned that the rise of internet users in Nigeria puts the country cyber-attacks because at a greater risk from cyber-crime. Kelvin Isaac, Symantec’s Vice President of the glut in capacity of Emerging Markets said, “Nigeria, being a fast emerging market, with huge utilisation.” bandwidth deposits from the various submarine cables, risk higher foreign invasion of cyber-attacks because of the glut in capacity utilization. [That is the] Reason why government, regulators and operators must work in collaboration to ensure that every avenue to encourage is blocked completely in the country and the risk mitigated.” Like many places around the world, SMBs are particularly at risk as they lack proper security plans and trained in-house staff to counter or quickly recover from any attacks. People Power There are plenty of web 2.0-literate people in the country, but not necessarily using their skillset for legal purposes. Last year a group of Nigerian hackers known as NaijaCyberHacktivists attacked government sites, including the National Poverty Eradication Programme website and the Niger Delta Development Commission, posting a letter protesting against the N1b ($6.6 million) cost for inauguration for President Goodluck Jonathan and the country’s Freedom of Information Act. The author of the report pointed to the county’s rabid unemployment figures (currently hovering around the 23% mark) and a country that is ‘rich in raw technology talent’. In a similar attack in January the Economic and Financial Crime Commission (EFCC) was attacked in response to reports of corruption. 15
Africa This pool of unemployed and angry talent has only recently started targeting its government. For years Nigeria has been king of spam, with promises of Nigerian Princes offering millions for only a small advance fee. These 419 Scams (in reference to the article it’s a crime under in the Nigerian Criminal Code) are so synonymous with the country they are often called Nigerian scams. Back in 2005 Lagos was widely considered the world’s leading place for scam crimes. Although they are still common, they have been on the decline of late (spam is at its lowest levels for years) and Nigerian police have been more active in recent years in shutting down these kinds of operations. Positive Action Given that Nigeria’s IT sector is booming, programmes to equip more people for careers in the sector are coming through, including World Bank’s ACCESS (Assessment of Core Competence for Employability in the Services Sector) programme, which trains young people on a variety of aspects, from written English and basic numerical skills to internet browsing, use of office software, and attention to detail. It’s not quite on the same level as Kenya’s various forensic hacking courses, but it’s a start. The government is trying to gain traction on developing a world class IT sector, with various ideas and policies to improve accessibility. But a possible cyber-crime spree waiting to happen lies within the country’s move towards a ‘cashless society.’ This move to reduce the amount of cash used and increase electronic payments is a perfectly valid one, but where money is involved there will always be criminals trying to abuse the system. And without adequate protection, hackers could rob organisations of several millions, if not billions, of Naira. A big stumbling block is the country’s lack of cyber security law. It is making it difficult to actually criminalise the hacking of any websites in the country, governmental or otherwise. Dr. Emmanuel Ekuwem, chief executive of Teledom International Group, lamented this lack of law, saying, “Do we have a cybercrime and cyber security law in place? No! Have we designated our Critical National Information Infrastructure? No! There is no law yet that criminalises the hacking any websites. Pity!” A bill is in the works, and has been promised sooner rather than later, but when that actually will be is anyone’s guess. Nigeria is a country with a tradition in cyber-fraud with 419, but as that slowly gets put to bed it will want to avoid the rise of hackers, especially around its E-commerce ambitions. As with many emerging markets, proper training and security measures will help immensely. But critically, getting a proper cyber-security bill in place is needed as a tangible deterrent to would-be criminals. Without that, Nigerian Princes needing bank account details might be the least of people’s worries. 16
Africa Conclusion The African landscape is changing rapidly. This can be seen across expanding economies, rising populations and major technological developments. Over the last few years this has resulted in many improvements. However, due to the pivotal nature of technology, one serious stumbling block to true progress could well be IT security. There are so many granular differences across 57 diverse African countries that it is hard to assess the pan-African situation in any meaningful way. To tackle this we split the continent into four and looked at one country across each of the corners. Through this approach some core trends did surface. These are namely, a massive IT skills shortage, a severe lack of education on potential cyber-threats, along with significantly higher levels of viruses and malware than other regions, such as Europe. These concerns do seem to be gradually reaching governments, and necessary legislation is slowly being put in place, but security overall is clearly a big problem across the continent. This report has shown that malware and cyber-crime have taken a sharp rise in Egypt in recent years; South Africa suffers from a profound lack of security awareness; Kenya is subject to chronic hacking and Nigeria is still world famous for its ‘Nigerian Prince’ emails. With business booming; numerous foreign companies moving in, and IT looking set to play an ever more crucial role in the continent’s development, it is becoming more and more vital that IT security sits firmly on the African agenda. About IDG Connect IDG Connect is the demand generation division of International Data Group (IDG), the world’s largest technology media company. Established in 2005, it utilises access to 35 million business decision makers’ details to unite technology marketers with relevant targets from any country in the world. Committed to engaging a disparate global IT audience with truly localised messaging, IDG Connect also publishes market specific thought leadership papers on behalf of its clients, and produces research for B2B marketers worldwide. For more information visit: http://www.idgconnect.com/ 17

Empfohlen

Project Cyber Dawn: Libya
Project Cyber Dawn: LibyaProject Cyber Dawn: Libya
Project Cyber Dawn: LibyaAmr Ali
 
Forbes Africa - Africa ICT Outlook 2016
Forbes Africa - Africa ICT Outlook 2016Forbes Africa - Africa ICT Outlook 2016
Forbes Africa - Africa ICT Outlook 2016Tebogo Mogapi
 
21st Century Threats and Middle East Dilemma
21st Century Threats and Middle East Dilemma 21st Century Threats and Middle East Dilemma
21st Century Threats and Middle East Dilemma Mohamed N. El-Guindy
 
Cyber crime (mis305)
Cyber crime (mis305)Cyber crime (mis305)
Cyber crime (mis305)Istiaq Jahan Shuvo
 
Cyber Crime Challenges in the Middle East
Cyber Crime Challenges in the Middle EastCyber Crime Challenges in the Middle East
Cyber Crime Challenges in the Middle EastMohamed N. El-Guindy
 
Short 11-00 Jart Armin - The Pocket Botnet
Short 11-00 Jart Armin - The Pocket BotnetShort 11-00 Jart Armin - The Pocket Botnet
Short 11-00 Jart Armin - The Pocket BotnetUISGCON
 
Cybercrime Legislation in the Middle East
Cybercrime Legislation in the Middle EastCybercrime Legislation in the Middle East
Cybercrime Legislation in the Middle EastMohamed N. El-Guindy
 
Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015Ajay Serohi
 

Empfohlen

Project Cyber Dawn: Libya
Project Cyber Dawn: LibyaProject Cyber Dawn: Libya
Project Cyber Dawn: LibyaAmr Ali
 
Forbes Africa - Africa ICT Outlook 2016
Forbes Africa - Africa ICT Outlook 2016Forbes Africa - Africa ICT Outlook 2016
Forbes Africa - Africa ICT Outlook 2016Tebogo Mogapi
 
21st Century Threats and Middle East Dilemma
21st Century Threats and Middle East Dilemma 21st Century Threats and Middle East Dilemma
21st Century Threats and Middle East Dilemma Mohamed N. El-Guindy
 
Cyber crime (mis305)
Cyber crime (mis305)Cyber crime (mis305)
Cyber crime (mis305)Istiaq Jahan Shuvo
 
Cyber Crime Challenges in the Middle East
Cyber Crime Challenges in the Middle EastCyber Crime Challenges in the Middle East
Cyber Crime Challenges in the Middle EastMohamed N. El-Guindy
 
Short 11-00 Jart Armin - The Pocket Botnet
Short 11-00 Jart Armin - The Pocket BotnetShort 11-00 Jart Armin - The Pocket Botnet
Short 11-00 Jart Armin - The Pocket BotnetUISGCON
 
Cybercrime Legislation in the Middle East
Cybercrime Legislation in the Middle EastCybercrime Legislation in the Middle East
Cybercrime Legislation in the Middle EastMohamed N. El-Guindy
 
Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015Ajay Serohi
 
Threats to information security
Threats to information securityThreats to information security
Threats to information securityswapneel07
 
Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Imperva
 
Computer Security Threats
Computer Security ThreatsComputer Security Threats
Computer Security ThreatsQuick Heal Technologies Ltd.
 
Cyber security presentation
Cyber security presentationCyber security presentation
Cyber security presentationBijay Bhandari
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and SecurityDipesh Waghela
 
Cyber-crime PPT
Cyber-crime PPTCyber-crime PPT
Cyber-crime PPTAnshuman Tripathi
 
Cyber security
Cyber securityCyber security
Cyber securitySiblu28
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security pptLipsita Behera
 
The Realities and Challenges of Cyber Crime and Cyber Security in Africa
The Realities and Challenges of Cyber Crime and Cyber Security in AfricaThe Realities and Challenges of Cyber Crime and Cyber Security in Africa
The Realities and Challenges of Cyber Crime and Cyber Security in AfricaZsolt Nemeth
 
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin SukardiAddressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin SukardiKnowledge Group
 
Building Cybersecurity Ecosystems in Africa: A Prescription for Resilience
Building Cybersecurity Ecosystems in Africa: A Prescription for ResilienceBuilding Cybersecurity Ecosystems in Africa: A Prescription for Resilience
Building Cybersecurity Ecosystems in Africa: A Prescription for ResilienceMoses Kemibaro
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityKpieleh Ferdinand
 
Future Watch: Cybersecurity market in South Africa
Future Watch: Cybersecurity market in South Africa Future Watch: Cybersecurity market in South Africa
Future Watch: Cybersecurity market in South Africa Team Finland Future Watch
 
Cyber security and critical information infrastructure protection from a sout...
Cyber security and critical information infrastructure protection from a sout...Cyber security and critical information infrastructure protection from a sout...
Cyber security and critical information infrastructure protection from a sout...Business Finland
 
Shaping the Future of the Internet in Africa
Shaping the Future of the Internet in AfricaShaping the Future of the Internet in Africa
Shaping the Future of the Internet in AfricaInternet Society
 
Cybersecurity Context in African Continent - Way Forward
Cybersecurity Context in African Continent - Way ForwardCybersecurity Context in African Continent - Way Forward
Cybersecurity Context in African Continent - Way ForwardGokul Alex
 
Achieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyAchieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyShiva Bissessar
 
Francesca Bosco, Cybercrimes - Bicocca 31.03.2011
Francesca Bosco, Cybercrimes - Bicocca 31.03.2011Francesca Bosco, Cybercrimes - Bicocca 31.03.2011
Francesca Bosco, Cybercrimes - Bicocca 31.03.2011Andrea Rossetti
 
2010q1 Threats Report
2010q1 Threats Report2010q1 Threats Report
2010q1 Threats ReportMcafeeCareers
 
3 Thoughts On The Digital Divide
3 Thoughts On The Digital Divide3 Thoughts On The Digital Divide
3 Thoughts On The Digital DivideJorge Bossio
 
My presentation
My presentationMy presentation
My presentationsa12chindra
 
Concept paper-on-igf-2014-istanbul-turkey-from-nepal-s-perspective-docx (1)
Concept paper-on-igf-2014-istanbul-turkey-from-nepal-s-perspective-docx (1)Concept paper-on-igf-2014-istanbul-turkey-from-nepal-s-perspective-docx (1)
Concept paper-on-igf-2014-istanbul-turkey-from-nepal-s-perspective-docx (1)Shreedeep Rayamajhi
 

Weitere ähnliche Inhalte

Andere mochten auch

Threats to information security
Threats to information securityThreats to information security
Threats to information securityswapneel07
 
Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Imperva
 
Cyber security presentation
Cyber security presentationCyber security presentation
Cyber security presentationBijay Bhandari
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and SecurityDipesh Waghela
 
Cyber security
Cyber securityCyber security
Cyber securitySiblu28
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security pptLipsita Behera
 

Andere mochten auch (8)

Threats to information security
Threats to information securityThreats to information security
Threats to information security
 
Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016
 
Computer Security Threats
Computer Security ThreatsComputer Security Threats
Computer Security Threats
 
Cyber security presentation
Cyber security presentationCyber security presentation
Cyber security presentation
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
 
Cyber-crime PPT
Cyber-crime PPTCyber-crime PPT
Cyber-crime PPT
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security ppt
 

Ähnlich wie Cyber Security in Africa: Examining Threats Across Egypt, South Africa, Kenya and Nigeria/TITLE

The Realities and Challenges of Cyber Crime and Cyber Security in Africa
The Realities and Challenges of Cyber Crime and Cyber Security in AfricaThe Realities and Challenges of Cyber Crime and Cyber Security in Africa
The Realities and Challenges of Cyber Crime and Cyber Security in AfricaZsolt Nemeth
 
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin SukardiAddressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin SukardiKnowledge Group
 
Building Cybersecurity Ecosystems in Africa: A Prescription for Resilience
Building Cybersecurity Ecosystems in Africa: A Prescription for ResilienceBuilding Cybersecurity Ecosystems in Africa: A Prescription for Resilience
Building Cybersecurity Ecosystems in Africa: A Prescription for ResilienceMoses Kemibaro
 
Future Watch: Cybersecurity market in South Africa
Future Watch: Cybersecurity market in South Africa Future Watch: Cybersecurity market in South Africa
Future Watch: Cybersecurity market in South Africa Team Finland Future Watch
 
Cyber security and critical information infrastructure protection from a sout...
Cyber security and critical information infrastructure protection from a sout...Cyber security and critical information infrastructure protection from a sout...
Cyber security and critical information infrastructure protection from a sout...Business Finland
 
Shaping the Future of the Internet in Africa
Shaping the Future of the Internet in AfricaShaping the Future of the Internet in Africa
Shaping the Future of the Internet in AfricaInternet Society
 
Cybersecurity Context in African Continent - Way Forward
Cybersecurity Context in African Continent - Way ForwardCybersecurity Context in African Continent - Way Forward
Cybersecurity Context in African Continent - Way ForwardGokul Alex
 
Achieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyAchieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyShiva Bissessar
 
Francesca Bosco, Cybercrimes - Bicocca 31.03.2011
Francesca Bosco, Cybercrimes - Bicocca 31.03.2011Francesca Bosco, Cybercrimes - Bicocca 31.03.2011
Francesca Bosco, Cybercrimes - Bicocca 31.03.2011Andrea Rossetti
 
2010q1 Threats Report
2010q1 Threats Report2010q1 Threats Report
2010q1 Threats ReportMcafeeCareers
 
3 Thoughts On The Digital Divide
3 Thoughts On The Digital Divide3 Thoughts On The Digital Divide
3 Thoughts On The Digital DivideJorge Bossio
 
Concept paper-on-igf-2014-istanbul-turkey-from-nepal-s-perspective-docx (1)
Concept paper-on-igf-2014-istanbul-turkey-from-nepal-s-perspective-docx (1)Concept paper-on-igf-2014-istanbul-turkey-from-nepal-s-perspective-docx (1)
Concept paper-on-igf-2014-istanbul-turkey-from-nepal-s-perspective-docx (1)Shreedeep Rayamajhi
 
[Challenge:Future] Rallying Youth Against Cyber Crime
[Challenge:Future] Rallying Youth Against Cyber Crime[Challenge:Future] Rallying Youth Against Cyber Crime
[Challenge:Future] Rallying Youth Against Cyber CrimeChallenge:Future
 
Digital Bosphorus - The State of Turkish eCommerce 2013 - Sina Afra
Digital Bosphorus - The State of Turkish eCommerce 2013 - Sina AfraDigital Bosphorus - The State of Turkish eCommerce 2013 - Sina Afra
Digital Bosphorus - The State of Turkish eCommerce 2013 - Sina AfraSina Afra
 
cyber crime it presentation
cyber crime it presentationcyber crime it presentation
cyber crime it presentationKenzaJamil
 
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and AdaptabilityPat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptabilityitnewsafrica
 

Ähnlich wie Cyber Security in Africa: Examining Threats Across Egypt, South Africa, Kenya and Nigeria/TITLE (20)

The Realities and Challenges of Cyber Crime and Cyber Security in Africa
The Realities and Challenges of Cyber Crime and Cyber Security in AfricaThe Realities and Challenges of Cyber Crime and Cyber Security in Africa
The Realities and Challenges of Cyber Crime and Cyber Security in Africa
 
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin SukardiAddressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
 
Building Cybersecurity Ecosystems in Africa: A Prescription for Resilience
Building Cybersecurity Ecosystems in Africa: A Prescription for ResilienceBuilding Cybersecurity Ecosystems in Africa: A Prescription for Resilience
Building Cybersecurity Ecosystems in Africa: A Prescription for Resilience
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Future Watch: Cybersecurity market in South Africa
Future Watch: Cybersecurity market in South Africa Future Watch: Cybersecurity market in South Africa
Future Watch: Cybersecurity market in South Africa
 
Cyber security and critical information infrastructure protection from a sout...
Cyber security and critical information infrastructure protection from a sout...Cyber security and critical information infrastructure protection from a sout...
Cyber security and critical information infrastructure protection from a sout...
 
Shaping the Future of the Internet in Africa
Shaping the Future of the Internet in AfricaShaping the Future of the Internet in Africa
Shaping the Future of the Internet in Africa
 
Cybersecurity Context in African Continent - Way Forward
Cybersecurity Context in African Continent - Way ForwardCybersecurity Context in African Continent - Way Forward
Cybersecurity Context in African Continent - Way Forward
 
Achieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyAchieving Caribbean Cybersecuirty
Achieving Caribbean Cybersecuirty
 
Francesca Bosco, Cybercrimes - Bicocca 31.03.2011
Francesca Bosco, Cybercrimes - Bicocca 31.03.2011Francesca Bosco, Cybercrimes - Bicocca 31.03.2011
Francesca Bosco, Cybercrimes - Bicocca 31.03.2011
 
2010q1 Threats Report
2010q1 Threats Report2010q1 Threats Report
2010q1 Threats Report
 
3 Thoughts On The Digital Divide
3 Thoughts On The Digital Divide3 Thoughts On The Digital Divide
3 Thoughts On The Digital Divide
 
My presentation
My presentationMy presentation
My presentation
 
Concept paper-on-igf-2014-istanbul-turkey-from-nepal-s-perspective-docx (1)
Concept paper-on-igf-2014-istanbul-turkey-from-nepal-s-perspective-docx (1)Concept paper-on-igf-2014-istanbul-turkey-from-nepal-s-perspective-docx (1)
Concept paper-on-igf-2014-istanbul-turkey-from-nepal-s-perspective-docx (1)
 
[Challenge:Future] Rallying Youth Against Cyber Crime
[Challenge:Future] Rallying Youth Against Cyber Crime[Challenge:Future] Rallying Youth Against Cyber Crime
[Challenge:Future] Rallying Youth Against Cyber Crime
 
CTO Cybersecurity Forum 2013 Auguste Yankey
CTO Cybersecurity Forum 2013 Auguste YankeyCTO Cybersecurity Forum 2013 Auguste Yankey
CTO Cybersecurity Forum 2013 Auguste Yankey
 
Digital Bosphorus - The State of Turkish eCommerce 2013 - Sina Afra
Digital Bosphorus - The State of Turkish eCommerce 2013 - Sina AfraDigital Bosphorus - The State of Turkish eCommerce 2013 - Sina Afra
Digital Bosphorus - The State of Turkish eCommerce 2013 - Sina Afra
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
cyber crime it presentation
cyber crime it presentationcyber crime it presentation
cyber crime it presentation
 
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and AdaptabilityPat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
 

Mehr von IDG Connect

Are you concerned about your online identity?
Are you concerned about your online identity? Are you concerned about your online identity?
Are you concerned about your online identity? IDG Connect
 
Bullying Amongst IT Professionals
Bullying Amongst IT Professionals Bullying Amongst IT Professionals
Bullying Amongst IT Professionals IDG Connect
 
InfoShot: Smartphones Dial Up The World
InfoShot: Smartphones Dial Up The WorldInfoShot: Smartphones Dial Up The World
InfoShot: Smartphones Dial Up The WorldIDG Connect
 
Infoshot: Diversity in Tech Firms
Infoshot: Diversity in Tech FirmsInfoshot: Diversity in Tech Firms
Infoshot: Diversity in Tech FirmsIDG Connect
 
Info shot which is the biggest online time-waster
Info shot which is the biggest online time-wasterInfo shot which is the biggest online time-waster
Info shot which is the biggest online time-wasterIDG Connect
 
Bullying: The Uncomfortable Truth About IT
Bullying: The Uncomfortable Truth About IT Bullying: The Uncomfortable Truth About IT
Bullying: The Uncomfortable Truth About IT IDG Connect
 
State of Hybrid Cloud
State of Hybrid Cloud State of Hybrid Cloud
State of Hybrid Cloud IDG Connect
 
Security in the Hybrid Cloud Now and in 2016
Security in the Hybrid Cloud Now and in 2016 Security in the Hybrid Cloud Now and in 2016
Security in the Hybrid Cloud Now and in 2016 IDG Connect
 
Cyber Security Regulations in Europe
Cyber Security Regulations in EuropeCyber Security Regulations in Europe
Cyber Security Regulations in EuropeIDG Connect
 
OpenStack: The Platform of Choice for Cloud [Infographic]
OpenStack: The Platform of Choice for Cloud [Infographic]OpenStack: The Platform of Choice for Cloud [Infographic]
OpenStack: The Platform of Choice for Cloud [Infographic]IDG Connect
 
Digital Maturity in the Financial Sector
Digital Maturity in the Financial Sector Digital Maturity in the Financial Sector
Digital Maturity in the Financial Sector IDG Connect
 
Desktop as a Service Infographic
Desktop as a Service Infographic Desktop as a Service Infographic
Desktop as a Service Infographic IDG Connect
 
20 Red Hot, Pre-IPO Companies in 2015 B2B Tech
20 Red Hot, Pre-IPO Companies in 2015 B2B Tech20 Red Hot, Pre-IPO Companies in 2015 B2B Tech
20 Red Hot, Pre-IPO Companies in 2015 B2B TechIDG Connect
 
20 Red Hot, Pre-IPO Companies in 2014 B2B Tech
20 Red Hot, Pre-IPO Companies in 2014 B2B Tech20 Red Hot, Pre-IPO Companies in 2014 B2B Tech
20 Red Hot, Pre-IPO Companies in 2014 B2B TechIDG Connect
 
Oracle connect zone case study
Oracle connect zone case studyOracle connect zone case study
Oracle connect zone case studyIDG Connect
 
Ethiopian Business
Ethiopian BusinessEthiopian Business
Ethiopian BusinessIDG Connect
 
Healthcare Report: Robots, Tablets & Social Media
Healthcare Report: Robots, Tablets & Social MediaHealthcare Report: Robots, Tablets & Social Media
Healthcare Report: Robots, Tablets & Social MediaIDG Connect
 
US Data Privacy Laws
US Data Privacy LawsUS Data Privacy Laws
US Data Privacy LawsIDG Connect
 
Global big data final
Global big data finalGlobal big data final
Global big data finalIDG Connect
 

Mehr von IDG Connect (20)

Are you concerned about your online identity?
Are you concerned about your online identity? Are you concerned about your online identity?
Are you concerned about your online identity?
 
Bullying Amongst IT Professionals
Bullying Amongst IT Professionals Bullying Amongst IT Professionals
Bullying Amongst IT Professionals
 
InfoShot: Smartphones Dial Up The World
InfoShot: Smartphones Dial Up The WorldInfoShot: Smartphones Dial Up The World
InfoShot: Smartphones Dial Up The World
 
Infoshot: Diversity in Tech Firms
Infoshot: Diversity in Tech FirmsInfoshot: Diversity in Tech Firms
Infoshot: Diversity in Tech Firms
 
Info shot which is the biggest online time-waster
Info shot which is the biggest online time-wasterInfo shot which is the biggest online time-waster
Info shot which is the biggest online time-waster
 
Bullying: The Uncomfortable Truth About IT
Bullying: The Uncomfortable Truth About IT Bullying: The Uncomfortable Truth About IT
Bullying: The Uncomfortable Truth About IT
 
State of Hybrid Cloud
State of Hybrid Cloud State of Hybrid Cloud
State of Hybrid Cloud
 
Security in the Hybrid Cloud Now and in 2016
Security in the Hybrid Cloud Now and in 2016 Security in the Hybrid Cloud Now and in 2016
Security in the Hybrid Cloud Now and in 2016
 
Cyber Security Regulations in Europe
Cyber Security Regulations in EuropeCyber Security Regulations in Europe
Cyber Security Regulations in Europe
 
OpenStack: The Platform of Choice for Cloud [Infographic]
OpenStack: The Platform of Choice for Cloud [Infographic]OpenStack: The Platform of Choice for Cloud [Infographic]
OpenStack: The Platform of Choice for Cloud [Infographic]
 
Digital Maturity in the Financial Sector
Digital Maturity in the Financial Sector Digital Maturity in the Financial Sector
Digital Maturity in the Financial Sector
 
Desktop as a Service Infographic
Desktop as a Service Infographic Desktop as a Service Infographic
Desktop as a Service Infographic
 
20 Red Hot, Pre-IPO Companies in 2015 B2B Tech
20 Red Hot, Pre-IPO Companies in 2015 B2B Tech20 Red Hot, Pre-IPO Companies in 2015 B2B Tech
20 Red Hot, Pre-IPO Companies in 2015 B2B Tech
 
20 Red Hot, Pre-IPO Companies in 2014 B2B Tech
20 Red Hot, Pre-IPO Companies in 2014 B2B Tech20 Red Hot, Pre-IPO Companies in 2014 B2B Tech
20 Red Hot, Pre-IPO Companies in 2014 B2B Tech
 
Green IT
Green ITGreen IT
Green IT
 
Oracle connect zone case study
Oracle connect zone case studyOracle connect zone case study
Oracle connect zone case study
 
Ethiopian Business
Ethiopian BusinessEthiopian Business
Ethiopian Business
 
Healthcare Report: Robots, Tablets & Social Media
Healthcare Report: Robots, Tablets & Social MediaHealthcare Report: Robots, Tablets & Social Media
Healthcare Report: Robots, Tablets & Social Media
 
US Data Privacy Laws
US Data Privacy LawsUS Data Privacy Laws
US Data Privacy Laws
 
Global big data final
Global big data finalGlobal big data final
Global big data final
 

Kürzlich hochgeladen

Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 

Kürzlich hochgeladen (20)

Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 

Cyber Security in Africa: Examining Threats Across Egypt, South Africa, Kenya and Nigeria/TITLE

  • 1. CYBER-CRIME , HACKING AND MALWARE 2013 AFRICA As economies and technology thrive across Africa, IDG Connect investigates the state of cyber threats across the four corners of the continent. With spotlights on Egypt, South Africa, Kenya and Nigeria, this paper also presents local security opinions from experts on the ground. 19th October 2012
  • 2. Africa Contents African Overview 3 Introduction 3 The Security Conundrum 4 Malware and Piracy 4 Regulation 5 Expert Opinion - Contador Harrison 6 Software Director, Somocon Oy, Finland Egypt : SP TLIGHT 7 Cyber-crime 7 Politics 8 Cyber-war 8 Expert Opinion - Pierluigi Paganini 9 Chief Security Information Officer, Bit4ld Group & Founder of SecurityAffairs.co South Africa : SP TLIGHT 10 Decline in Viruses 10 Pirates and Hackers 11 Overview 11 Kenya : SP TLIGHT 12 Open Season for Hackers 12 Fighting Back 13 Expert Opinion - Kostja Reim 14 Managing Director of Security Risk Solutions Ltd Nigeria : SP TLIGHT 15 People Power 15 Positive Action 16 Conclusion 17
  • 3. Africa Introduction In the first decade of this millennium, the Economist found that six of the world’s fastest growing economies were in sub-Saharan Africa. This has only continued, and today the continent is renowned for its bourgeoning middle class, mall culture and rapid adoption of mobile technology. In a recent report from HSBC that predicted the top 50 world economies of 2050, there were substantial rises expected across Africa; Egypt is due to climb 15 places to 20th position (putting it four places ahead of the Netherlands, which drops nine places); whilst Nigeria is anticipated to rise nine places to 37th. It seems Africa is finally beginning to put its stamp on the global economic map. The African Development Bank expects most of Africa to comprise of a solid middle-class by 2030, with consumer spending power likely to hit $2.2 trillion. Not surprisingly, big businesses are starting to move in - IBM already has operations in more than 20 African countries, and this August announced plans to open its first tech research hub on the African continent, in Nairobi. News, research and economic reports all paint the same picture: Africa is on the up; change, development and opportunity are firmly on the horizon. However, like every positive story there is always a negative underbelly lurking beneath the surface. In Africa, like everywhere else in the world, progress is indelibly linked with IT and technology. And like everywhere else, technology has its downsides: malware, threats and cyber-crime. In the Western world the difficulty lies in constantly upgrading and securing IT whilst simultaneously retiring legacy systems; many countries in Africa may provide a virtually blank slate, but do they have the knowledge to maximise this potential? To give some global context, the US has a 78% internet penetration (World Internet Stats), whilst Nigeria - which has the highest levels in Africa - stands at only 29%. South Africa - which has the largest economy on the continent - is currently at 14%. Mobility aside, with the African market so new, as IT levels improve is Africa really equipped to remain secure? Nigeria Egypt $235.92 Billion GDP $229.53 Billion GDP 29% Internet Penetration 26% Internet Penetration Nigeria’s infamous for Egypt has seen a sharp rise cybercrime and the notorious in malware and cyber-crime ‘Nigerian Prince’ emails still in recent years. feature prominently. Kenya $33.62 Billion GDP 26% Internet Penetration Kenya’s chronic hacking problem and general lack of internet security is currently being addressed South Africa by the government. $408.24 Billion GDP 14% Internet Penetration South Africa’s relatively under-developed infrastructure makes its high rates of cybercrime all the more alarming. 3
  • 4. Africa The Security Conundrum As the IT sector continues to grow, concerns about security will only rise. Greater accessibility means more opportunities for criminals to exploit naive users, and inexperience with technology increases the chance of encountering viruses and malware. Ill-prepared governments and businesses can also suffer at the hands of hackers taking advantage of the inadequate protection put in place. Each area of Africa is unique, however, there are some notable trends; skills shortages and lack of education on potential cyber threats seems to be a recurring theme, and levels of viruses and malware are significantly higher to other regions, such as Europe. The aim of this report from IDG Connect is to investigate how Africa as a continent is coping with IT security. This is no simple task; it is a very diverse region, with approximately 30 million square kilometres of land mass, 57 countries and (by estimates) as many as 3000 languages. So, in order to make this as digestible as possible we decided to focus on four pivotal countries, which tie together the four corners of Africa: Egypt, South Africa, Kenya and Nigeria. Throughout this report we attempt to collate the wealth of information available in order to provide a cohesive snapshot of security across the continent. Malware and Piracy Malware infection rates by country According to Microsoft’s Security Intelligence Report for the (per thousand computers) - 2011 second half of 2011, malware infections in Africa are higher [Source Microsoft Security Intelligence Report] than the worldwide average. The infection rate in Egypt which has been on the increase over the past two years, is now the highest in Africa and among the top five worldwide. 20+ Worms were also a common problem, and phishing sites were much higher than the worldwide average in Algeria and 15-20 Tunisia in 2011. 10-15 Africa traditionally has a high rate of software piracy. 5-10 According to BSA’s 2011 study, the average in the region is around 73%, and there has been little change in recent 0-5 years. In fact, parts of Northern Africa have seen a slight rise between 2010-2011, possibly due to the Arab Spring Morocco Nigeria France Australia Canada Algeria US Egypt Kenya SA uprisings. Aside from the financial loss (approx. $1,785M), this high level of unauthorised software is likely to add to the region’s virus and malware woes. 4
  • 5. Africa Regulation In order to address security, governments are now looking to introduce wider-reaching cyber-security laws. Many African countries currently have no laws, or have piecemeal legislation in other bills. To remedy this, much of the continent is looking to pass regional cyber bills that allow countries to work together in preventing crimes. All 15 countries in the Southern African Development Community (SADC) have, or are in the process of passing, a cyber- bill. The East African Community (EAC) is on track to have a common cyber-crime bill for the region, while the Economic Community of West African States (ECOWAS) has yet to adopt such a policy. As well as legislation, nine countries also have their own Computer Emergency Response Teams (CERT). SADC countries that have crafted cyber-crime legislation to curb computer-related crimes SADC countries that are crafting cyber-crime legislation to curb computer-related crime Will be involved with East African Community (EAC) joint cyber-crime laws Have a Computer Emergency Response Team (CERT) 5
  • 6. Africa Expert Opinion Contador Harrison, Software Director, Somocon Oy, Finland  African Union must act to reduce cyber-crime The current situation in Africa cannot be allowed to continue because internet crime, intellectual property, and identity theft are thriving, and a good number of continent heavyweights have now begun to prepare for cyber-warfare, yet close to half of their population are living on under a dollar per day. Criminal organizations are making hundreds of millions of dollars and appear to be re-investing to develop new and more sophisticated scams in the continent. African governments must act to reduce cyber-crime and to secure the key systems and infrastructure in the continent. African governments must not launch their e-government systems until security can be guaranteed. If necessary, they should only be utilized on a separate network through a secure network for key national systems and infrastructure. One of the most important services on the Internet today is still one of the most insecure, and that’s email. The fastest way for a criminal organization to breach security is through the use of email. It is fundamental that the use of SSL certificates for SMTP server to SMTP server communications and the use of SSL certificates for SMTP server to client communications be implemented first. I do also feel that most countries need new legislations that will set out a path towards Africa having two separate networks. One would remain the public Internet and the other would be a secure network for key national systems and infrastructure. Also, I feel it is important to make it clear how authorities disconnect parts of the network and to disconnect countries from the African countries network should be detailed. Protocols need to be put in place for these actions to occur and it must be decided who will carry out the actions. Legislation should set out a timeline and framework whereby equipment and systems suppliers will be required to improve their products with safety and security in mind because this has been a thorn to some governments in East and Southern Africa. Certain well-known security flaws in the way computers are made and sold must be identified in the legislation and made illegal, especially in East and Southern Africa countries where rogue suppliers thrive by selling substandard and refurbished computers which are sold at the same price as new ones. One of the many cases I have witnessed in African countries I have visited - Operating Systems are sold without adequate integrated anti-virus and anti-malware capability. I have always argued in the past that all computers connected to the Internet should be registered and the computer operating system should report the computers’ state, including the health of the anti-virus and anti-malware checks. If you look at the automobile industry in the continent, which is also growing at a very fast rate, registration is mandatory for any vehicle utilizing public roads in any country within the African Union member states. In 12 African countries I have visited, car roadworthy checks are carried out randomly and whenever a vehicle is sold, valuers have to value it afresh before a new buyer acquires it. African Union, Africa’s governing body should take the lead by working with its member states to identify and try to solve some of the issues with the internet. But the pace of this continental effort is glacial and more needs to be done to reduce cyber- crime in Africa. 6
  • 7. Africa EGYPT : SP TLIGHT It’s hard to talk about IT security in Egypt without going into politics. The uprising and recent elections have had a big impact on almost every aspect of life in Egypt, and the world of IT is no different. As one of the continent’s biggest economies, and just coming out the other side of civil unrest, the new government has a lot of work ahead of it. While cyber-security seems to have improved in recent years, since last year’s uprisings, things appear to have deteriorated. Unlike many parts of Africa, Egypt has a relatively well-developed IT landscape. It has infrastructure, 3G in the cities, a competitive and affordable telecomms sector, and a well-trained IT workforce of around 200,000. Mobile penetration stands at 112% - over 90 million people - while the region's internet boasts 30 million users, of whom around 22% shop using E-commerce, and many think Egypt is poised to emerge as a major player in the information economy. 112% mobile penetration 26% internet penetration [Sources: World Internet Stats, Egypt Ministry of Communications and Information Technology] According to BSA’s most recent global software piracy study, Egypt’s levels of pirated software stands at around 60%, slightly higher than the average in the region, and totalling a value of $172m. The government has said it has plans to curb piracy and intellectual property abuses which, according to the IIPA, could “generate US$254 million in GDP, US$33 million in additional tax revenues and 1,978 new IT jobs” if the piracy rate was reduced by 10% in four years. Cyber-Crime While there were relatively few targeted cyber-attacks originating out In 2010 Egypt was named by of North Africa last year, Egypt isn’t crime free. Despite Damballa Labs Kaspersky Labs as one of claiming “Egypt isn’t a global player in cyber-crime,” history seems to disagree. In 2010 Egypt was named by Kaspersky Labs as one of the the top sources of password- top sources of password-stealing Trojans, and the year before, Egyptian stealing trojans, and the year hackers were involved in one of the world’s largest cyber-crime criminal before, Egyptian hackers were court cases. More recently, Websense named Egypt third for countries involved in one of the world’s hosting phishing fraud in this year’s Threat Report. While it totalled 6.8% largest cyber-crime criminal of worldwide phishing, the report noted it had experienced a large rise in the last year. Whether this is related to the recent political turmoil is hard court cases. to tell. This year’s Microsoft Malware Protection Center figures shows that last year Egypt had one of the highest malware detection figures on the whole continent, which may be due to a high number of people using older versions of internet browsers, which are always more vulnerable to attacks than up-to-date software. 7
  • 8. Africa Politics Between 28th January and 2nd February 2011, Egypt was one of, if not the, first users of an internet ‘Killswitch,’ where the Egypt ranking for worldwide phishing: government essentially shut off the entire internet in the country with aims to stop protestors communicating. The move wasn’t 3rd popular, but did lead to other countries contemplating similar ideas. Interestingly one of the earliest ways this shut-off was discovered by those outside the country was through malware monitoring. In retaliation, the hacktivist group Anonymous launched ‘Operation Egypt’, bringing down four government Egyptian computers infected by FLAME malware: sites with DDoS attacks, while spammers used unrest to target people looking for news on the subject. 5 Now that peace has returned to the country (though the internet freedoms are said to be strict), the new government can get on with addressing new cyber-crime bills. Currently there is no comprehensive cyber-space law, though there are piecemeal parts across other separate bills. An unregulated internet is a breeding ground for hackers and criminals, and something Estimated savings from reducing software concrete needs to be put in place as soon as possible. Despite piracy by 10%: these problems, the government is moving towards better cyber security. The Ministry of Communications 2011 round up explains how the Egyptian Computer Emergency Response $287million & 1978 jobs Team (EG-CERT) is working internationally to help combat [Sources: Websense, Kaspersky Labs, IIPA] cyber-crime, which is a good sign. Cyber-War The recent Flame attacks that struck Iran and other MENA countries (including Egypt) have brought state-led cyber- attacks and the general idea of ‘cyber-war’ to the foreground, and it seems the Egyptian government had similar plans of their own. Around April last year, it came to light that a UK firm offered custom-made malware to Egyptian Security Services. Consisting of a “remote intrusion solution,” the total deal was projected to cost the government just over $350,000. Meanwhile, a new Persian-born trojan was discovered spying on Egypt’s Middle Eastern neighbours only recently. While these state-sponsored attacks may become a common occurrence in the coming years, Egypt would do well to rise above the regional political quagmire and avoid trying their own versions of these attacks. Though out of government hands, Egyptian hackers have been reported as going specifically for Israeli websites. Last year Israeli Prime Minister Benjamin Netanyahu’s own site was hacked, placing an image of Egyptian soldiers raising the Egyptian flag in Sinai, while in April, Barack Obama’s Israeli site was hacked by the group known as ‘TeaM HacKer Egypt’. Egypt is at a crossroads. The fledgling government needs to be careful in getting the balance right. They need a new set of laws and policies that help tighten security and reduce problems with hackers and phishing, but without oppressing the people and suffering the inevitable pushback from hackers and a vocal youth unafraid of showing their grievances. 8
  • 9. Africa Expert Opinion   Pierluigi Paganini, Chief Security Information Officer Bit4ld Group & Founder of SecurityAffairs.co The African challenge is one of the most interesting adventures in the cyber security landscape; despite adverse political and economic events, the continent is demonstrating an impressive increase in technological demand. According to statistics, Africa has an internet penetration level of 13% with a relative growth of 2,988.4 % in the period 2000-2011 - an unparalleled rise. With such numbers and growth, cyber security assumes a fundamental importance. Egypt, for example, has a mobile penetration of 112%, and more than 20 million internet users, but it’s clear that the level of exposure to cyber threats is really high, and is likely to increase. The entire region of North Africa represents a valuable market in cyber security, an opportunity for both African and also foreign businesses. Looking deeper into cyber security in North Africa, it is worth noting that despite a low number of state- sponsored attacks, the countries still suffers from cybercrime. In 2011 was discovered Operation Phish Phry, which was conducted by Egyptian-based hackers who obtained bank account numbers and related personal identification information from an unknown number of bank customers with a phishing campaign. Meanwhile, according to the Websense Threat Report, Egypt is third for countries hosting phishing fraud with a total of 6.8% of worldwide phishing. The African hacking underground is considered one of the most interesting; according to researchers of Kaspersky Lab, Egypt is one of the primary users and designers for cyber espionage malware. Where this is the case, the commitment of governments and mutual collaboration are important factors to successful introduction of technology on a large scale. Good strategy will involve the creation and the strengthening of Computer Emergency Response Teams (CERT) for the monitoring of cyberspace and of course, as usual, the engagement of common people in the new digital experience. The Middle East and North Africa (MENA) countries are at a delicate historic point where a suitable cyber strategy could significantly influence their development in the mid- and long-term. Increased investment in cyber security is an obligation, not a choice, in order to avoid disastrous consequences for everybody, because cyber space has no borders. 9
  • 10. Africa SOUTH AFRICA : SP TLIGHT Despite being the largest economy on the continent, making up 30% of the total income of the continent by some estimates, South Africa is struggling with a range of issues typically associated with emerging markets. In 2009, a carrier pigeon proved quicker than broadband at relaying information from one side of the country to the other. And now, despite the addition of undersea broadband cables, rural areas lack proper communications infrastructure and connection speeds are still incredibly slow. What is more, despite relatively low numbers of internet users, South Africa ranks higher than it probably should on cyber-crime statistics. Computers infected 8.1 with Malware in SA 7.1 World average 14% internet penetration Computers infected with malware per 1000 [sources: Microsoft Security Intelligence Report, Internet World Stats] Decline in Viruses While the number of viruses in the country is relatively high, the good news is that the figures are declining, albeit slowly. The number of worms decreased in the last quarter of 2011 by 0.9%, while trojans were also down. According to Microsoft's Malicious Software Removal Tool (MSRT) there was malware detected on 8.1 of every 1,000 computers scanned in SA in the fourth quarter of 2011, compared to the worldwide average of 7.1 for the same period. While still unacceptably high, it has been declining all year, thanks to improving local security tools, so progress is being made. A report on SA security by WolfPack provides some really useful insight into how businesses approach security. This shows 93% of companies have tools to capture and report on risks, and around 60% expected a rise in their security budget next year. However, some worrying stats show almost a third of companies have no defined cyber- forensics process, and over half have problems with budgets, enforcing policy and security, data leakage and lack of commitment from management. The most common incident on the rise is online fraud, with over 20% reporting an increase in the last 12 months, while second was device theft (also rated as decreasing the most). 67% 46% 41% 84% of SA companies expect didn’t spend anything won’t spend anything of South Africans have a rise in their security on security awareness next year been a victim of cyber- budget next year this year crime (Value $573M) R150billion Estimated loss to insider fraud per year ($18.3 billion) [Sources: Wolfpack, Norton, Supervision] 10
  • 11. Africa Pirates & Hackers While software piracy stands at around half the levels of its BRIC counterparts, according to BSA around a third of all South African software is pirated, well above the likes of the US (21%), but lower than most of Africa. Using pirated software always runs the risk of introducing viruses, and needs tackling if SA wants to improve its security standards. Reducing piracy rates can be a difficult task however, and piracy rates have remained unchanged for several years. Software Piracy [Source: BRICS] 2010 2011 78% 77% 65% 63% 64% 63% 54% 59% 58% 53% 35% 35% Country: Brazil Russia India China SA BRICS Average Value in 2011: $2,848M $2,659M $2,930M $8,902M $564M $3,581M Despite the hacking of the ANC Youth League’s website last year, hacking in general hasn’t quite reached the same levels as other countries (there’s no ‘Anonymous SA’ for example), with an average of one or two major stories hitting the news each year. So far, this year’s big hacking story was a cyber-bank robbery on New Year’s Day, where the thieves managed to steal $6.7m over 72 hours. Norton’s cyber-crime figures for SA are estimated to total $573M, with 84% of people having been a victim at some point. And although the number of phishing attacks on the country are down by 11% year on year, they still run into the millions. Overview Although a decrease in attacks does sound like a good thing, it may be a result of South Africa’s low number of internet users, who make up around 14% of the population (though growing quickly). To add to this, there is a skills shortage in the IT sector, which could be slowing down the development of the country. The World Economic Forum’s Global IT Report said of SA: “Important shortcomings in terms of basic skills availability in large segments of the population and the high costs of accessing the insufficiently developed ICT infrastructure result in poor rates of ICT usage,” despite efforts from businesses to integrate IT into the workplace. According to iC3 figures, Rural areas of the country are especially at risk, after one study from SA ranks 7th in the ResearchSpace.csir found “a large portion of the South African population that has not had regular and sustained exposure to technology and broadband world for cyber-crime, internet access [could] expose local communities to cyber threats.” According surprisingly high for a to iC3 figures, SA ranks 7th in the world for cyber-crime, and has hovered country with relatively few around the same position on the list for a good few years. These numbers are internet users. surprisingly high for a country with relatively few internet users. Despite some of the problems, back in Pretoria the government is taking steps to improve security. Its new cyber- security policy aims to create a more secure digital environment through awareness programs aimed at both the public and businesses, better research and skills, and establishing a National Cyber-Security Centre. Overall South Africa has less trouble with hackers and both businesses and governments are taking steps to improve education and protection. However problems with viruses and fraud do still remain. 11
  • 12. Africa KENYA : SP TLIGHT Kenya is fast becoming a major player in the IT sector. East Africa's biggest economy has undergone something of an IT revolution in recent years, with the sector outperforming other more traditional ventures such as agriculture and manufacturing for a few years now. But lack of skills and protection is leaving computers extremely susceptible to viruses and hacking. KENYA SA $71.4b $555.1b $36m $573m Crime cost as a % of economy = 0.05% Crime cost as a % of economy = 0.01% US $15.1tr Size of economy Estimated cost of cyber-crime each year $32b [Sources: Daily Nation, IMF, Norton] Crime cost as a % of economy = 0.02% According to World Bank data, mobile subscriptions actually outnumber adults in the country, and as with many markets, the rise of Kenya’s Generation Y, combined with affordable smartphones, internet and social media have all been a key influence on this rise. Of the 17 million people on the Internet, 6 million are mobile internet users, and that number is rising steeply. Kenya seems to be going towards a wholly mobile internet set up. But perhaps because so few people are hooked up at home (around 2% have home computers), this could be the reason Kenya is vulnerable and open to attacks. Open Season for Hackers Recently, workers from the Kaspersky Lab said 20% of computers being used in Kenya are vulnerable to viruses, and the number is rising. They attributed 17% of that to the use of free software downloaded from the internet, saying ignoring updates left them vulnerable, and pointed to the government to create proper regulations on cyber-crime. Less than half of SMBs think staff are properly Meanwhile a research paper from the Jomo Kenyatta University of Agriculture and Technology on Kenyan SMBs found some very worrying statistics. Less trained to secure their than half felt they had documented information security policy, roughly the computers properly at same amount thought staff were properly trained to secure their computers all times. properly at all times, fewer than half had a business continuity plan in the event of a disaster, while almost half weren’t aware of international information security standards available for organisations to adopt. This level of negligence and ignorance is dangerous, especially when novice hackers are targeting the country for fun and succeeding every time. Proper training and business strategies are key. 12
  • 13. Africa But it’s not just ignorance and possibility; Kenya’s security problems are very real. Forensic experts are claiming cyber-crime poses the biggest challenge to organisations and the police, and already costs Kenya almost Sh3 billion ($36 million) every year. Organisations are being urged to employ Forensic Certified Public Accountants (FCPAs) to try and counter the problem. Aside from cyber-crime, your average ‘hacktivists’ are targeting Kenya for fun and practice. Last year, an Indonesian student-hacker known 42.8% as ‘direxer’, took down 103 government of Kenya web sites overnight. 20% Part of an online Indonesian security forum known as Forum Code Security, the hacker said he took down Average ‘hacktivists’ the web sites following tutorials from are targeting Kenya for the forum. That followed a year after Kenya fun and practice. One another hacker attacked and disabled hacker took down 103 the official police site, and two university hacks, one to change exam results government of Kenya and another to clear student fees. web sites overnight by Clearly this should cause concern. If following tutorials from government and academic institutional % of SMBs in Kenya who have an online forum. sites are being hacked so easily, there’s not security trained their staff nothing to say local businesses are in any more of a secure position. Various blogs online offer some advice for % of computers in Kenya basic security but there are some serious questions that need answering, vunerable to viruses not by blogs, but by the government and the private sector to really address what is a lack of adequate protection. [Source: Kaspersky, cscjournals] Fighting Back The business level responses so far have seen Techno Brain, an IT solutions company, starting to offer hacking forensic courses to banks, government agencies and other corporates, while Kenya Methodist University (KeMU) launched a string of professional courses in IT security, in an attempt to plug some of the holes these attacks have highlighted. The government is moving in the right direction too. Last year they set up their own Computer Incident Response Team (CIRT) to combat the problem, which aims to deal with incidents, promote security, issue warnings, and generally try to address the issues the country has with security and bring it up to scratch with the rest of the world. However, the government is also making some not so great decisions. Its new Information Protection bill has been labelled ‘flawed’ by the Kenyan chapter of the International Body for Professionals in Audit and Information Security (ISACA), who said it was a step in the right direction but left holes open for misuse. New monitoring devices installed by the Communication Commission of Kenya (CCK) are worryingly Big Brother, though they promise they are for assisting in early detection and prevention of cyber-crime incidents, and have said, “It is a passive system and not a tool for spying on users. The system cannot be used to block access to the internet at all.” This monitoring of the public web traffic is very worrying for people. Clearly Kenya has some serious security issues that need addressing. This isn’t to say they are the only victims, as seen by the recent attacks on the likes of Sony and LinkedIn, but a major government site being brought down by a lone student makes it clear security isn’t good enough by any stretch of the imagination. The lack of knowledge and skilled workers also need to be tackled, otherwise East Africa’s biggest economy may become a hacker’s paradise. 13
  • 14. Africa Expert Opinion Kostya Reim, Managing Director of Security Risk Solutions Ltd In a country pained by poverty, famine, refugees, war on Somalia and terrorist attacks; one would not believe that Information Security was an everyday topic. Indeed, priorities are a little different and have been, understandably, for the last decade as the country progresses on its Vision 2030 implementation. Kenya as the business and financial hub of Eastern Africa is slowly gaining back its powerhouse reputation once gained in the 70s, and is a vastly growing center in the region. Even though the cost of living keeps at par with the ever-increasing global trends, the spending power of Kenyans is manifested by the mushrooming shopping malls and office buildings in the cities and suburbs. Convenience is a regular requirement during the busy and traffic-affected days and therefore the uptake of Internet (on Mobile), Mobile Banking (M-PESA), Internet Banking, Credit Cards and eCommerce has been massive and overwhelming. Information Security’s biggest driver is compliance and so it has been in Kenya. The regulators have defined very clear guidelines and issued directives that are clear and implementable. This includes PCI DSS controls, regular penetration testing, and guidelines for security in Internet Banking, as with the recent changes of the Prudential Guidelines issued by the Central Bank of Kenya. Many banks, merchants and payment processors are undertaking PCI remedial projects and placing controls where previously have been none. Investigations into computer abuse and fraud have resulted in many more convictions as the changes in telecoms and evidence acts have now reached the courts of law. The media has become infosec aware and report on issues of breaches and developments regularly and with depth. The government has recognized the risk and made information security a key requirement in their e-government strategic plan. So clearly, Kenya is on its way, development and infosec wise, thanks to a great number of technology professionals making the lives of Kenyans more convenient and technology-enabled every day, sometimes with mishaps that put them at risk... 14
  • 15. Africa NIGERIA : SP TLIGHT Nigeria boasts a 29% internet penetration rate, the highest in Africa, yet has suffered for years with 419 scammers. Though not as bad as it was once, the infamous Nigerian prince scams have certainly had an impact on the country’s reputation. 2015 70m 2012 45m $200m annual cost of cyber-crimes to the Nigerian economy 0m 50m 100m [source: IT News Africa] Nigerian Internet Users, [source: The Guardian Nigeria, Internetworldstats] Like many African countries, Nigeria suffers from an underdeveloped and unreliable fixed-line infrastructure. However, that hasn’t stopped it topping 45 million internet users, the highest number on the continent. But with such large numbers come many dangers. Emerging markets across the world are suffering at the hands of targeted hackers and malware due to insecure websites and “Nigeria, being a fast poorly-trained staff. And on the whole Nigeria is no different. emerging market... risks Though the country may be aiming to have 70 million internet users by 2015, higher foreign invasion of Symantec has warned that the rise of internet users in Nigeria puts the country cyber-attacks because at a greater risk from cyber-crime. Kelvin Isaac, Symantec’s Vice President of the glut in capacity of Emerging Markets said, “Nigeria, being a fast emerging market, with huge utilisation.” bandwidth deposits from the various submarine cables, risk higher foreign invasion of cyber-attacks because of the glut in capacity utilization. [That is the] Reason why government, regulators and operators must work in collaboration to ensure that every avenue to encourage is blocked completely in the country and the risk mitigated.” Like many places around the world, SMBs are particularly at risk as they lack proper security plans and trained in-house staff to counter or quickly recover from any attacks. People Power There are plenty of web 2.0-literate people in the country, but not necessarily using their skillset for legal purposes. Last year a group of Nigerian hackers known as NaijaCyberHacktivists attacked government sites, including the National Poverty Eradication Programme website and the Niger Delta Development Commission, posting a letter protesting against the N1b ($6.6 million) cost for inauguration for President Goodluck Jonathan and the country’s Freedom of Information Act. The author of the report pointed to the county’s rabid unemployment figures (currently hovering around the 23% mark) and a country that is ‘rich in raw technology talent’. In a similar attack in January the Economic and Financial Crime Commission (EFCC) was attacked in response to reports of corruption. 15
  • 16. Africa This pool of unemployed and angry talent has only recently started targeting its government. For years Nigeria has been king of spam, with promises of Nigerian Princes offering millions for only a small advance fee. These 419 Scams (in reference to the article it’s a crime under in the Nigerian Criminal Code) are so synonymous with the country they are often called Nigerian scams. Back in 2005 Lagos was widely considered the world’s leading place for scam crimes. Although they are still common, they have been on the decline of late (spam is at its lowest levels for years) and Nigerian police have been more active in recent years in shutting down these kinds of operations. Positive Action Given that Nigeria’s IT sector is booming, programmes to equip more people for careers in the sector are coming through, including World Bank’s ACCESS (Assessment of Core Competence for Employability in the Services Sector) programme, which trains young people on a variety of aspects, from written English and basic numerical skills to internet browsing, use of office software, and attention to detail. It’s not quite on the same level as Kenya’s various forensic hacking courses, but it’s a start. The government is trying to gain traction on developing a world class IT sector, with various ideas and policies to improve accessibility. But a possible cyber-crime spree waiting to happen lies within the country’s move towards a ‘cashless society.’ This move to reduce the amount of cash used and increase electronic payments is a perfectly valid one, but where money is involved there will always be criminals trying to abuse the system. And without adequate protection, hackers could rob organisations of several millions, if not billions, of Naira. A big stumbling block is the country’s lack of cyber security law. It is making it difficult to actually criminalise the hacking of any websites in the country, governmental or otherwise. Dr. Emmanuel Ekuwem, chief executive of Teledom International Group, lamented this lack of law, saying, “Do we have a cybercrime and cyber security law in place? No! Have we designated our Critical National Information Infrastructure? No! There is no law yet that criminalises the hacking any websites. Pity!” A bill is in the works, and has been promised sooner rather than later, but when that actually will be is anyone’s guess. Nigeria is a country with a tradition in cyber-fraud with 419, but as that slowly gets put to bed it will want to avoid the rise of hackers, especially around its E-commerce ambitions. As with many emerging markets, proper training and security measures will help immensely. But critically, getting a proper cyber-security bill in place is needed as a tangible deterrent to would-be criminals. Without that, Nigerian Princes needing bank account details might be the least of people’s worries. 16
  • 17. Africa Conclusion The African landscape is changing rapidly. This can be seen across expanding economies, rising populations and major technological developments. Over the last few years this has resulted in many improvements. However, due to the pivotal nature of technology, one serious stumbling block to true progress could well be IT security. There are so many granular differences across 57 diverse African countries that it is hard to assess the pan-African situation in any meaningful way. To tackle this we split the continent into four and looked at one country across each of the corners. Through this approach some core trends did surface. These are namely, a massive IT skills shortage, a severe lack of education on potential cyber-threats, along with significantly higher levels of viruses and malware than other regions, such as Europe. These concerns do seem to be gradually reaching governments, and necessary legislation is slowly being put in place, but security overall is clearly a big problem across the continent. This report has shown that malware and cyber-crime have taken a sharp rise in Egypt in recent years; South Africa suffers from a profound lack of security awareness; Kenya is subject to chronic hacking and Nigeria is still world famous for its ‘Nigerian Prince’ emails. With business booming; numerous foreign companies moving in, and IT looking set to play an ever more crucial role in the continent’s development, it is becoming more and more vital that IT security sits firmly on the African agenda. About IDG Connect IDG Connect is the demand generation division of International Data Group (IDG), the world’s largest technology media company. Established in 2005, it utilises access to 35 million business decision makers’ details to unite technology marketers with relevant targets from any country in the world. Committed to engaging a disparate global IT audience with truly localised messaging, IDG Connect also publishes market specific thought leadership papers on behalf of its clients, and produces research for B2B marketers worldwide. For more information visit: http://www.idgconnect.com/ 17