Trend Micro threat researchers believe that within three years, Africa will be a much bigger source of cybercrime. Here’s why:
Increased Bandwidth Availability at Lower Cost
All United Nations’ (UN) member countries have agreed to reach eight Millennium Development Goals by 2015. One of these goals is: “In cooperation with the private sector, make available the benefits of new technologies, especially information and communication.” Meeting this goal helps Africa catch up with the rest of the world. With new information and communication technology (ICT), Africa’s huge potential user base is turning it into a major player.
Various private companies from around the world worked together to fund and implement six infrastructure projects in Africa. In 2007, the first undersea fiber-optic cable was installed, connecting its eastern and southern parts to the rest of the world. Today, cable infrastructure reaches almost the whole continent. With 11 cable projects still underway, local ISPs and phone service providers have been expanding their range of offerings, providing cheaper and faster access to customers.
With bandwidth on the increase, costs for both operators and end users are likely to decrease further, providing benefits to institutions and companies, but also to attackers and cybercriminals.
Fast Growing Internet User Base
The exponential growth of Africa’s user base will further force bandwidth costs down. Its population reached 1 billion in 2009, and was expected to reach 1,073,380,925 by June 2012, an increase of 73 million in 3 years’ time.
In keeping with this population growth, mobile web surfing has become mainstream on the continent. Internet use, particularly for social networking, is a viral phenomenon. From March 2011 to March 2012, the number of Facebook users increased from 27 to 40 million. If this growth rate continued, Facebook users in Africa have already exceeded 50 million. In any case, these numbers show that Africa’s Internet user base will continue to rapidly increase.
The Lack of Cybercrime Laws
Lots of bandwidth, lots of users, but only 5 of Africa’s 57 countries have cybercrime laws. And those laws may be outdated or inadequate for the current threats that abound in the security landscape. It’s a situation that makes it easy for cybercriminals and attackers to launch malicious activities without fear of being prosecuted.
Cybercrime in Africa is not well-documented, but one example is of an Algerian hacking attack that defaced several Romanian websites, including Google and PayPal.
According to the Security Affairs blog, in 2011, Africa counted 18,607 cyber security incidents, up from 564 in 2000. In the first quarter of 2012, 8,903 cyber security incidents were reported and of those, 4,501 were related to fraud that included 2,304 phishing attacks targeting African banks.
As expected, the most connected African countries, and those with the biggest user bases, are also those with the most malware: Algeria, Egypt, Nigeria, and South Africa. Of these, only South Africa has a cybercrime law in place, though Kenya is in the process of creating one.
So given the situation, we think it is safe to say that the number of cybercrime activities targeting or originating from Africa will increase—and probably dramatically—in the next few years. Clearly, as the world becomes more digital, so does the need to stay diligent with IT security.
To learn more about this topic, read the Trend Micro report Africa: A New Safe Harbor for Cybercriminals?