Cybercrime and Cybersecurity in Africa Assessment Answer

Abstract

In this assignment, the cyberattack and cybercrime have been analyzed for the African continent. A cyberattack is defined as any attempt to acquire authorized access to a computer, computer network or computing system to cause serious damage. The characteristics of the cyberattacks have been listed along with their effects on business organizations. With cyberattacks, corporations often encounter indirect costs in addition to the actual financial damages, like the chances of the main interruption to the operations that might lead to a loss in revenue. Various measures have been listed that firms can apply to safeguard themselves from the effects of cyberattacks.

Introduction

The incorporation of IT in daily routine has created an environment wherein businesses, individuals and governments are extremely reliant on secure and reliable operation of such systems. This reliance on computer systems and networks has created an atmosphere wherein loss, compromise, and damage of such IT systems can direct to huge environmental, financial, political, social or personal harm (Van Heerden et al., 2016). Cyberattack is considered any offensive maneuver performed against an IT system by an external or internal party. As the rapid advancement of technology surpasses the progress of adequate legislation about cybercrime, awareness, security systems, businesses, governments and individuals are vulnerable towards cyber-attacks. Moreover, cyber attackers tend to conduct malicious acts that target computer information systems, computer networks, network infrastructure or personal devices to damage, infect or control the system (Kshetri, 2019). The main purpose of the essay is to analyze the cyberattacks in Africa, and their impacts on organizations, and evaluate measures that can be adopted to address cybercrimes.

Characteristics of Cyberattacks in Africa

A cyberattack is an assault being launched by cyber criminals with the help of one or more computers against the sole or multiple computers or networks. The cyberattack can maliciously disable the PCs, steal data or make use of breached computers as the launch point for other attacks. Cyber attackers tend to make use of various methods to launch cyberattacks such as phishing, malware, denial of service, and ransomware among other methodologies (Sabillon et al., 2016).

Africa is among the fastest-growing regions in the context of cybercrime activities. This continent also acts as the source of substantial cyberattacks targeting the rest of the world.

Rising cyberattacks in Africa can be characterized by susceptible systems and negligent cybersecurity practices (Kimani et al., 2019). As per Business Software Alliance, two nations having the highest software piracy rates in 2017 were from this continent only, namely, Zimbabwe and Libya. The fractions of unlicensed software in these two nations were 89% and 90% in respective terms. As pirated software products cannot grab the benefit of updates from producers, they speed up the spread of malware (Shaw, 2017).

Cybersecurity is regarded as a luxury, not a necessity in various African economies. Cybersecurity budgets in various companies are reported to be lower than 1% and various companies had zero budget assigned towards cybersecurity.

Another issue is concerned with the shortage of skills among the users of the Internet to safeguard themselves from increasingly rising cyberattacks. Similar to any other developing nation, various African internet users are non-experienced and are not technically savvy. The major percentage of them are getting PCs and connecting to the Internet for the first time. Also, the majority of them lack the English language. This latter point is vital because most of the instructions, information and other content for security products are accessible in the English language only. And African internet users cannot apply cybersecurity products being formed in the English language (Scott & Kyobe, 2021).

Effects of Cyberattacks on Organizations in Africa

The cyber attack led to major damage to the business. It affects its bottom line and also the standing of the business and customer trust. The effect of security breaches can be widely divided into three categories – reputational, financial and legal. Cyberattacks sometimes, result in a significant financial loss arriving from:

• Theft of financial details
• Theft of money
• Theft of company information
• Loss of contract or business
• Disturbance to trading

While dealing with a breach, firms normally incur higher costs linked with repairing the affected systems, devices and networks.

Cyberattacks initiated by African nations have a global impact. The Cyber WMD (Weapon of Mass Destruction) of Africa probably poses a direct risk to the world (Coats, 2019). About 80% of PCs used in Africa were infected with malware and viruses. Often, cybercriminals make use of these unprotected PCs to start launching cyberattacks against targets all across the world.

Moreover, companies from the industrialized nations classify online transactions initiated from Africa as highly risky. Financial damage is a fundamental effect of cybercrime on African organizations. When a cyberattack happens, the damage to the finance of the corporations can arrive in various forms (Leroy, 2022). Initially, the hacker can simply drain the bank accounts if they have access to it. And after that, make transfers of money in their accounts.

Cyberattacks have indirect costs about unexpected downtime, productivity loss and reduced morale. As the owner of the business or the IT Manager struggles to get control over the incident and evaluate the damages, they become unable to pursue the growth of the business and handle their other duties. All such negativity and the stress at workplace impacted the morale of the team members. Moreover, the costs related to cyberattacks are passed on to the customers which end up subsidizing the lack of preparation of the company. As per IBM, over 60% of the breached firms increase prices after the incident of cybercrime to aid in covering the costs of it (Anderson et al., 2019).

Trust is considered a vital element of the consumer relationship. Cybercrimes can completely damage the reputation of the business and erode the trust of the customers. It, in turn, can potentially direct to –

1. Loss of sales
2. Loss of customers
3. Decline in profitability

The impact of reputational damage may even affect the suppliers, or impact the relationships, that the business may have with the business associates and other third parties being involved in the business.

For instance, in 1998, a 15-year-old boy hacked the path through all security attributes of the South African telecommunication corporation – Telkom PCs. The internal monitoring devices identified the evidence of the online footprint of the boy. The boy was in a situation to undertake main damage to the PC, including the transfer of a huge amount of money (von Solms, 2019). Another example was Mass Defacement in 2005. The Moroccan hacker group known as Team Evil hacked and defaced over 260 South African websites. This hack was known as the biggest hack attack in the history of South Africa (Van Niekerk, 2017). One more example of a cyberattack was of PostBank in 2012. In this case, the hacker stole about R42 million from the PostBank of South Africa. This attack was done by a PostBank employee during the break of Christmas. This computer was associated with the main server of PostBank, from which the money was transferred. After that, the money was withdrawn from several ATMs throughout South Africa.

In these examples, cyberattacks have seriously damaged the reputation of the business. Customers might be understandably wary of frequenting the companies that were hit by the attacks. On the similar side, investors might view being a cybercrime victim as a form of carelessness and might not desire to engage themselves. The tarnished goodwill might also scare away qualified job applicants that do not desire to link themselves with the ineffective regarded business.

Measures Adopted to Address Cyberattacks

Up-to-date patches – Keeping the PCs and servers updated and applying security patches, specifically those labelled as critical, can aid in limiting the vulnerability of the organization towards cyberattacks.

Cyber awareness training – Frequent cybersecurity awareness training for the employees of the company acted as a crucial measure towards safeguarding against cyberattacks. This training tends to instruct the employees to do the following things –

• Not clicking on any malicious links
• Never open up the untrusted or unexpected attachments
• Avoid revealing any sensitive or personal data to the phishers
• Review and check the legitimacy of the software before downloading the same
• Never connect any unknown USB to the system

Form and deploy cyber resilience – Companies are preparing for cyberattacks and get cyber resilient as the threat is ever-present and ever-rising. Cyber resilience must start at the executive or board level of the corporation by prioritizing and enacting the processes that will safeguard the valuable assets and by incorporating them as the needs into all processes of business (Evans, 2019). Security must contribute to the growth of the firm embodied in the long-term strategy. Furthermore, the corporation must establish its cyber abilities by creating awareness of and establishing skills of information security among employees, securing the configurations and constantly updating its systems and infrastructures, with the help of technologies for proactive surveillance, installing active detection and quick response towards security incidents and breaches and undertaking regular security audits and penetration testing.

Develop cybersecurity abilities - Qualified and experienced profiles in the context of cybersecurity and risk management are vital to support cybersecurity. Companies should now establish skills forming and retention strategies to attract and upkeep talented personnel to help execute their cyber resilience (Eaton et al., 2019). It acts as the specific challenge for corporations over Africa, as the requirements for information security and cybersecurity experts are at a growing stance across the globe.

Safeguard the integrity of data - The criteria of data integrity could supplant privacy as the fundamental objective of cybersecurity. The revival of attacks aims at the manipulation or destruction of data. This issue outlines the significance of data integrity and the influence of breached data on citizens and companies. Companies must go for strengthening their measures to prevent and recover from incidents of huge corruption of data (Healey et al., 2018).

Incorporate cyber risks awareness into the decision-making process - The effective path to involve top-level management in the fight against cybercrime is to relay the dangers towards the extent of the decision-making process. This procedure involves the alignment of cybersecurity aims with the strategic ambitions of the company and describing the essential systems and assets that must constitute the priority scope to safeguard (Khari et al., 2017). Therefore, the objectives described can be adequately budgeted and divided down at the operational and tactical levels to popularize cyber risk-aware culture at all stages of the corporation.

Future of cybersecurity beyond 2022

Few African companies are undertaking cyber threats on a serious note. ISO has reported a rise of over 73% of information security management system-certified corporations within the year, with the major proportion in Nigeria, South Africa and Morocco (Tayo Tene et al., 2018). Companies have started using innovative technologies like blockchain to safeguard the integrity of data. These companies tend to make more investments in new technologies to address security threats. Furthermore, the executive management and the board are getting more aware of their answerability in case of cyberattacks and identifying the requirement for skilled management to determine and perform against the probable cyber threats.

Conclusion

It can be concluded that customers and businesses are encountering rising cyber threats in Africa. This continent faces a problem of shortage of cybersecurity manpower. It has been analyzed that there is also a lack of skill set among the users of the Internet to safeguard themselves from rapidly increasing cyber threats. The firms that come under the cyberattack incur greater costs from the operational disruption and the altered version of business practices. The highest losses arrive from reputational damage. The firms that tend to have effective control over the data of their customers have paid millions to settle the claims. African economies are passing particular laws and provisions to deal with electronic evidence and cybercrime.

References

Anderson, R., Barton, C., Bölme, R., Clayton, R., Ganán, C., Grasso, T., ... & Vasek, M. (2019). Measuring the changing cost of cybercrime.

Coats, D. R. (2019). Worldwide Threat Assessment. US Intelligence Community.

Eaton, T. V., Grenier, J. H., & Layman, D. (2019). Accounting and cybersecurity risk management. Current Issues in Auditing, 13(2), C1-C9.

Evans, A. (2019). Managing cyber risk. Routledge.

Healey, J., Mosser, P., Rosen, K., & Tache, A. (2018). The future of financial stability and cyber risk. The Brookings Institution Cybersecurity Project, 1-18.

Khari, M., Shrivastava, G., Gupta, S., & Gupta, R. (2017). Role of cyber security in today's scenario. In Detecting and mitigating robotic cyber security risks (pp. 177-191). IGI Global.

Kimani, K., Oduol, V., & Langat, K. (2019). Cyber security challenges for IoT-based smart grid networks. International journal of critical infrastructure protection, 25, 36-49.

Kshetri, N. (2019). Cybercrime and cybersecurity in Africa. Journal of Global Information Technology Management, 22(2), 77-81.

Leroy, I. (2022). The relationship between cyber-attacks and dynamics of company stock: the role of reputation management. International Journal of Electronic Security and Digital Forensics, 14(4), 309-317.

Sabillon, R., Cavaller, V., Cano, J., & Serra-Ruiz, J. (2016, June). Cybercriminals, cyberattacks and cybercrime. In 2016 IEEE International Conference on Cybercrime and Computer Forensic (ICCCF) (pp. 1-9). IEEE.

Scott, J., & Kyobe, M. (2021, December). Trends in cybersecurity management issues related to human behaviour and machine learning. In 2021 International Conference on Electrical, Computer and Energy Technologies (ICECET) (pp. 1-8). IEEE.

Shaw, M. (2017). Africa’s changing place in the global criminal economy. Institute for Security Studies Papers, 2017(cr1), 1-40.

Tayo Tene, C. V., Yuriev, A., & Boiral, O. (2018). Adopting ISO management standards in Africa: barriers and cultural challenges. ISO 9001, ISO 14001, and new management standards, 59-82.

Van Heerden, R., Von Soms, S., & Mooi, R. (2016, May). Classification of cyber attacks in South Africa. In 2016 IST-Africa Week Conference (pp. 1-16). IEEE.

Van Niekerk, B. (2017). An analysis of cyber-incidents in South Africa. The African Journal of Information and Communication, 20, 113-132.

Van Niekerk, B. (2017). An analysis of cyber-incidents in South Africa. The African Journal of Information and Communication, 20, 113-132.

von Solms, S. (2019). Africa’s Contribution to Academic Research in Cybersecurity. Journal of Information Warfare, 18(2), 60-73.

You Might Also Like:- 
Cyber Security Assignment Help
A Beginners Guide to Deep Learning

Looking For Complete Assignment Sample Get It On WhatsApp