A 2016 report published by the African Union (AU) Commission and Symantec estimated that in 2013, the global cost of cybercrime had reached around US$113 billion. It further noted that Africa was the target of 1.9 million cyber-attacks in 2015, which included ransomware, phishing and botnet attacks. The number of cyber-attacks continues to rise each year, with Algeria, Egypt and South Africa being the most frequently targeted countries.
In South Africa, 67% of adults with access to the Internet were reportedly victims of cybercrime in 2016, costing the economy an estimated US$242 million. Cybercrime in Africa is further compounded by growing Internet penetration on the continent, coupled with very weak network and information security. Government, retail and technology are the sectors which are the most vulnerable to cybercrime attacks. Countries are now starting to take the threat of cybercrime seriously, with some registering more success than others.
According to the 2017 Global Cybersecurity Index, Mauritius fares the best in terms of cybersecurity in Africa, particularly when it comes to awareness raising and capacity building. These successes can be traced back to a few decades after independence, when the Mauritian government decided to diversify from agriculture (sugar and tea) to a services-based economy. The financial; information and communication technology (ICT); and tourism sectors were identified as focus areas.
Today, the ICT sector accounts for 5.6% of GDP and is one of the primary sources of employment in the country. Inspired by its success, Mauritius is expanding into new sectors such as the blue economy, renewable energy, property development and digital economy.
Earlier this year, Mauritius hosted a SADC (Southern African Development Community) workshop to share its knowledge and insight on the rise of cybercrime in Africa, and to provide recommendations on how the growing phenomenon can be curbed.
During the workshop, emphasis was placed on the importance of regional cooperation in sharing information and intelligence. States were also urged to ratify the AU Convention on Cyber Security and Data Protection. The need to develop a SADC Model Cyber Security strategy was also highlighted, to act as a guideline for states in developing their own national cybersecurity strategies. Additionally, each country was tasked to ‘develop and implement anti-child abuse and human trafficking strategies to protect women and the African child in the context of the Cyber Security framework’.
As the digital space continues to expand in Africa, so too will associated vulnerabilities and cyber-attacks. Mitigating the threat will require greater capacity, cooperation and awareness on cyber security at a national, regional and continental level.
Richard Chelin, Researcher, ENACT project, ISS
