15 Mar 2019

Cybercrime / Should Africa worry about cyber-attacks from extremists?

Cyber security measures should anticipate future overlaps between cybercrime and terrorism.

Cybercrime refers to any criminal activity that involves a computer or a device connected to a computer network or the Internet. The term is used to describe two different, but closely related group of criminal activities, namely advanced cybercrime, and cyber-enabled crimes

Advanced cybercrime refers to illegal activities that target computer systems and their data. They include computer hacking and spreading malware, such as viruses and spyware. Cyber-enabled crimes are traditional crimes perpetrated using the Internet, but which could be committed without using a computer. Examples include online money laundering, drug trafficking and human trafficking.

It is important to note that while cybercrime is a form of organised crime in its own right, it plays a significant role in facilitating illicit financial flows – taking the form of either obtaining money illegally, or through the transfer of illegal funds, or both.

As cybercrime has proliferated, analysts have begun to investigate the convergence of cyber and terrorism

As cybercrime and cyber-enabled crime have proliferated, analysts have also begun to investigate ‘the convergence of cyber and terrorism’, that is, where links may exist between cybercrime and extremism.

The 2018 World Atlas of Illicit Financial Flows, published by the Global Initiative Against Transnational Organized Crime, estimates that the seven main extremist groups receive between US$1 billion and US$1.4 billion in funding each year. These funds are obtained primarily from environmental crimes such as illegal logging, ivory trade and drug trafficking. As natural resources dwindle and become more difficult to obtain, extremists are increasingly likely to turn to new methods of financing.

Militant Islamist groups such as ISIS have shown their ability to use the Internet for propaganda and recruitment. Some argue that the group’s ambition and its use of the so-called Dark Web for recruitment, fundraising and selling contraband, is what distinguishes ISIS from its predecessors such as al-Qaeda. This may well be relevant for groups such as Boko Haram operating on the African continent.

The chances of Boko Haram launching a cyber-attack are low, but members who could launch such an attack could be recruited

For example, when Boko Haram pledged its allegiance to ISIS in early 2015, its presence on social media increased – as did its distribution of propaganda. But Boko Haram has not apparently been able to carry out more advanced examples of cybercrime other than so-called ‘419 fraud. The group reportedly hacked a Nigeria State Security Service database in 2012, but did not claim responsibility for the attack.

It appears, then, that the prospect of Boko Haram launching a cyber-attack in the near future is low. However, the possibility of recruiting potential members who could launch such an attack exists. Launching a cyber-attack would, however, mean overcoming practical challenges such as poor Internet infrastructure, lack of resources and the need to regroup following sustained counter-insurgency measures by the Nigerian army.

Despite concerns that terrorists could launch cyber-attacks against critical infrastructure, the potential to carry out such attacks is limited, as cyber-attack tools remain in their infancy. Yet, it is crucial that cybersecurity measures are continuously enhanced to deal with any eventualities of such an attack.

Richard Chelin, Researcher, ISS project, ENACT

Related

More +

EU Flag
ENACT is funded by the European Union
ISS Donors
Interpol
Global
ENACT is implemented by the Institute for Security Studies in partnership with
INTERPOL and the Global Initiative against Transnational Organized Crime.