The Covid pandemic has exposed the vulnerabilities in the region’s infrastructure
When the coronavirus pandemic struck early this year, authorities around the world braced for an expected rise in cyber-attacks. It turned out that, in most countries, there was no significant increase, although the types of attack changed. But in Africa, cyber-attacks of all sorts spiked dramatically. The targets included government, healthcare, telecoms, banks and the users themselves. In education, institutions mostly didn’t have the necessary security applications for the large number of online classes, and lacked a basic understanding of the risks. Mobile money was especially hard hit. It is big business in Africa, and the way in which it allows the easy transfer of money, mobile to mobile and mobile to bank, makes it vulnerable. Assessments by the region’s CSERTs1 showed that social engineering type attacks, such as phishing, were the most common largely because of the lack of awareness among users.
Governments across the region are working with regulators and operators to try and push the awareness message. Initiatives include the setting up of sectoral cybersecurity teams, to co-ordinate responses among operators, and campaigns involving messages sent to users phones have become widespread. Telecoms companies have also launched a comprehensive programme including threat detection, preventive measures and increasing awareness among employees in areas such as phishing and social engineering.
Across Africa, most governments already have a cybersecurity strategy, but not the funds for implementation. Currently only about 60% of countries in Africa have their own national CERT. Most are now developing them, and my organisation, ADCRO, has run capacity-building workshops for these countries with help from the African Union, ECOWAS, UK Foreign & Commonwealth Office (FCO) and the US. However, funding remains a major obstacle.
A dedicated source of funding is needed to boost cybersecurity in Africa. In this era of the global COVID-19 Pandemic, permanent and sufficient funding needs to be secured to combat the rise in cyber-crime and cybersecurity related attacks in Africa. Without financial commitment our entire governance, financial, and educational system among others will grind to a halt.
Funding should come from both international and local sources. In the past years and more particularly in 2019, the African Region has received international funding support for cybersecurity capacity building from several United Nations Agencies, the EU, Council of Europe, UK Foreign and Commonwealth Office (FCO), the Hague and the USA, amongst others. It is expected that cybersecurity funding support from these international sources will increase to meet the spike in cybersecurity challenges of the region.
In terms of local funding, AU and Ecowas should make available funding to support African Governments in developing and implementing their National Cybersecurity Strategy to protect their critical national infrastructure, cyber borders and citizens.
African governments themselves need to have dedicated budget allocations to support their fight against the increasing cyber-attacks in their respective countries, and some are doing this. Nigeria has introduced a levy on electronic transactions to fund their cyber-security initiatives. Ghana has introduced communications services tax to support its cybersecurity agenda. Togo has also established a sovereign cyber-security fund with contribution from telecommunication service operators, based on their annual turnover.
The scale of the task means that funding will be needed at every level – international, regional, national and local. If this investment can be found and sustained, then a more secure network, resilient infrastructure and better informed citizens will be a positive outcome to the Covid-19 pandemic.
1 Computer / Security Emergency Response Teams
Africa needs investment in its cyber defences: the Covid pandemic has exposed the vulnerabilities in the region’s infrastructure.
We give innovators and regulators a forum in which to explore, debate and agree the best policies and regulatory frameworks for widest societal benefit.
Insight: Exchange: Influence
We give members a voice through conferences, symposiums and private meetings, as well as broad exposure of their differing viewpoints through articles, reports and interviews.
The new website will make it easier for you to gather fresh insights, exchange views with others and have a voice in the debateTake a look Learn more about our updates
You are seeing this because you are using a browser that is not supported. The International Institute of Communications website is built using modern technology and standards. We recommend upgrading your browser with one of the following to properly view our website:Windows
Please note that this is not an exhaustive list of browsers. We also do not intend to recommend a particular manufacturer's browser over another's; only to suggest upgrading to a browser version that is compliant with current standards to give you the best and most secure browsing experience.