International policing agency Interpol is upbeat about its latest drive to root out cybercrime on the African continent, a region in which SA continues to be the most targeted.
Incidents of cybercrime have been on the rise, with data from several sources highlighting the country as among the most attacked in the world. A lack of sufficient investment in cybersecurity has largely been blamed for the crisis.
“One of our big initiatives is approaching cybercrime through a regional approach. We have focused on the Africa region. What we have is support from my office in Singapore and we have seconded officers in the Africa region who are working on the ground,” Neal Jetton, director of cybercrime at Interpol, told Business Day.
As the use and adoption of AI grew after ChatGPT’s breakthrough and rise in popularity over the past year, criminals began to use the technology to intensify their attacks.
“We’re able to support operations and go after targets, go after crimes that are affecting specifically the Africa region,” Jetton said from the sidelines of this year's Global Cybersecurity Forum annual meeting 2024 in Riyadh, Saudi Arabia.
“We’ve just started an operation called Africa Surge 3.0, since the beginning of September, and as of last Friday, when I received the last set of statistics, several hundred arrests have been effected because of that operation.”
During 2023’s iteration of the same campaign, cybersecurity firm Trend Micro, uncovered 1 500 malicious IP addresses, located mainly in SA (57%), Egypt (14%), the Seychelles (5%), Algeria (5%) and Nigeria (4%). These IP addresses were linked to notorious malware families, ransomware and other threats.
At the same time, about 200,000 detections of malicious traffic in the first quarter of 2023, linked to scams, malware, phishing and command-and-control servers, were found to be facilitated by hosting services in the Seychelles and SA.
As to the types of attack in the region, Jetton said: “What we’re seeing from law enforcement on the ground is that their biggest concerns are ransomware, business email compromise, and normal phishing schemes as well. I would say that by and large those are the same concerns globally.”
Ransomware is a type of malware that encrypts a victim’s data, making it inaccessible until a ransom is paid.
While governments and individuals are often targeted, Jetton said businesses were most at risk for this type of attack.
“But I do think African law enforcement has seen the issue and has risen to the challenge. They have increased their cybercrime units. There are many countries within Africa working on legislation to make it more efficient to conduct cybercrime investigations,” he said.
In recent times the SA government has come under fire for cybercrime-related incidents.
An international ransomware gang claimed responsibility for a crippling attack on the SA Health Laboratory Service, which blocked patients’ lab results and compromised highly sensitive patient and government employee data. Additionally, it was disclosed that the department of public works and infrastructure has had at least R300m stolen through cybertheft-related incidents in the past 10 years.
Gugu Nyanda, lead for health and public sector in Africa at Accenture, recently told Business Day that “all cybersecurity shortcomings within national government compromise the people of SA”.
Nyanda advocates for a three-step approach to tackle growing cybercrime in the country. First is to ensure that government employees are trained and kept up to date with issues relating to digital threats. Second is to ensure that all government employees use updated software. The third solution is to break down operating silos in government.
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.