Zimpapers Logo

Alford Nyasha

AS we go deeper into 2024, it becomes crucial to contemplate the future implications of the evolving cyber threat landscape. Over the past two decades, technological advancements have revolutionised various aspects of our lives. While these innovations have ushered in social and economic progress globally, they’ve also fuelled an alarming surge in cyberattacks and technology-facilitated crimes. Hardly a day passes without news of a cyberattack, or the use of technology in criminal activities.

Despite significant efforts by the African Union to combat cybercrimes through initiatives like the African Union’s Convention on Cyber Security and Data Protection laws, the continent still grapples with challenges. Organisations such as Interpol, the United Nations Office on Drugs and Crime (UNODC), and the African Union Mechanism for Police Cooperation (Afripol) have demonstrated that Africa, like any other continent, remains vulnerable to cyberattacks. However, resource constraints, expertise gaps, lack of cooperation among member countries, and an inadequate legal framework, hinder effective countermeasures against cyber-criminal activities.

Africa has witnessed substantial growth in mobile money services, which, from a cyber-crime investigations perspective, provides criminals with increased opportunities to target victims and engage in various illicit activities. Tech-related scams pose significant concerns for law enforcement, regulators and the general population in Africa.

The Covid-19 pandemic accelerated digital transformation, prompting many African organizations to adopt remote working practices. However, this shift has elevated security risks. The debate over cyber-security risks posed by remote workers versus in-office counterparts continues. Failure to adhere to policies and procedures exposes institutions to a wide range of cyberattacks, including those targeting third-party services. Statista reports that 72 percent of organisations express significant concern about the online security risks faced by their remote employees. Unfortunately, many organisations remain hesitant to invest in robust cyber-security measures, leaving their systems vulnerable.

The growth of the Internet of Things (IoT) market, coupled with advancements in technologies like 5G and cloud computing, presents Africa with significant cyber-security challenges. The collection, transmission, and storage of vast amounts of data across interconnected devices and cloud platforms, raise concerns about data security and privacy.

Cyber-security experts predict an increase in Advanced Persistent Threat (APT) models and the emergence of new cyber-attack techniques, botnets, rootkits, hacker-for-hire services, and supply chain attacks—all facilitated through cybercrime-as-a-service (CCaaS). Additionally, the surge in cryptocurrency usage is expected to impact Africa, leading to rising crypto-related crimes, including pyramid and Ponzi schemes, darknet market activities, stolen crypto through hacks, and illicit drug transactions.

The advent of technologies like Artificial Intelligence (AI), machine learning, and quantum computing has fuelled a rise in cyber-generated crimes. While AI offers advantages in reducing human workload, it also poses challenges for cyber-crime investigators, such as facilitating artificial intelligence crimes (AIC). AI tools like deepfakes enable criminals to manipulate multimedia content, facilitating fraudulent and unlawful activities. Africa’s readiness to embrace these transformative technologies while mitigating their downsides remains a critical question. 

As Internet usage continues to soar, an increasing amount of personal information and data becomes available online. Whether willingly shared or compromised through cyber-crime attacks and data breaches, this data poses significant risks to individuals, companies, organisations and governments. In response, cyber-security awareness has become paramount, and organisations must adopt robust frameworks and standards to safeguard internet users across countries and continents.

Despite the publication of various handbooks and studies, and the contributions of international and regional organisations in preventing and combating cybercrime, the alarming rate at which critical infrastructure, corporations, and individuals are exposed, underscores the need for heightened awareness. To address this, the adoption of a comprehensive international convention to combat cybercrime is crucial. The proposed Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes would enhance international law enforcement cooperation, bridge capability gaps, and enable global responses to cyber threats.

While we commend the United Nations General Assembly for adopting the first global resolution on artificial intelligence in March 2024, which encourages countries to safeguard human rights, protect personal data, and monitor AI risks, cyber-security practitioners are already looking beyond 2024. They seek additional resolutions and conventions that will empower countries to effectively combat the cyber-crime scourge.

Africa, with its rapid internet penetration and growing criminal opportunities, faces shared cyber-security challenges. To strengthen defences against cybercrimes, member countries must prioritise:

Educating citizens, businesses, and government agencies about threats and best practices.

Implementing robust cyber-security frameworks to mitigate risks.

Collaborating globally to tackle cyber threats collectively.

By taking these steps, Africa can protect its citizens, institutions, and nations in the digital age, ensuring a safer and more secure online environment. 

Alford Nyasha (PhD Candidate) is a Southern African Development Community (Sadc) Certified Cyber Crime Expert, Trainer and a senior law enforcement agent who has both international and regional (Interpol, Afripol and Southern African Development Community (Sadc) exposure in the field of Cyber-crime Investigation. A holder of a Post Graduate Diploma in Telecommunication Systems, Master’s Degree, and multi certifications in Cyber Forensics and Cyber Investigations; has been active in the field of Cyber Crime investigation, IT security and information assurance for more than a decade. His passion is to train people to be digitally aware through cyber-awareness programmes He writes in his personal capacity. 

Feedback Email: [email protected]