Cyber insecurity is a threat to Africa’s digital economy. Riccardo Mayer/Shutterstock
Factors like regional tourism, movement of workers and technology development have catalysed East African integration and cross-border banking.
Many cross-border banks originate from Kenya with branches across the region. One example is Kenya’s Equity Bank, which relies heavily on digital technology. The digital space has many positive attributes but the threat of cybercrime and insecurity is prevalent.
Equity is a pioneer in online and mobile banking with technology that merges banking and telephony. However, it recently suffered a cyber-attack. Last month, Rwandan authorities arrested a cybercrime syndicate comprising eight Kenyans, three Rwandans and a Ugandan. The syndicate had attempted to hack into the Equity Bank system. The group has been involved in similar attacks in Kenya and Uganda.
Cybercrime occurs through the use of computers, computer technology or the internet. It often results in identity theft, theft of money, sale of contraband, cyber stalking or disruption of operations.
Within East Africa, Kenya, Rwanda and Uganda are taking steps to manage the huge cybercrime risk. But the cyber attack on Equity Bank is proof that these countries need to do more to protect their financial institutions from massive losses going forward.
The convention requires member states to share responsibility by instituting cyber security measures that consider the correlation between data protection and cybercrime. These measures will keep data safe from cyber criminals and preempt its misuse by third parties. It also encourages the establishment of national computer emergency response teams.
In addition it advocates closer cooperation between government and business, and creates a provision for dual criminality. This means that cybercrime suspects can be tried either in the country where the crime was committed or in their home country. This provision is meant to ensure smooth cooperation and sidestep any conflict of laws.
There is also a provision on mutual legal assistance. This allows for member states to share intelligence and collaborate on investigations.
Even though Uganda and Kenya aren’t yet signatories, they have nevertheless been establishing legal and policy frameworks provided for under the convention. Rwanda is doing so too, and as a signatory is one step ahead.
Further, Rwanda’s telecom network security regulations require service providers to secure their services by protecting their infrastructure. Every service provider must be licensed and must guarantee the confidentiality and integrity of their services. They must also set up incident management teams. These teams work with the government to manage cyber security threats effectively.
The country has managed to build the foundations of a strong regulatory framework. It has also taken measures to raise awareness around cyber security. In fact, in the attack on Equity Bank, the authorities acted on a tip from members of the public.
In line with this strategy, Kenya amended its information and communications law to criminalise unauthorised access to computer data.
Kenya has also set up a national computer incident response coordination centre to consolidate key cyber infrastructure and create pathways for regional and international partnership.
Generally, Kenya has a robust cyber security policy which includes a legal and regulatory framework. The result has been that impending cyber attacks are discovered before massive damage is done and ongoing attacks are rapidly arrested.
This regulatory framework is similar to those in Kenya and Rwanda. But in addition, Uganda has a National Information and Technology Authority that provides technical support and cyber security training. It also regulates standards and utilisation of information technology in both the public and private sectors. These measures have boosted the countries’ cyber security strategy.
The Conversation Africa The Conversation Africa is an independent source of news and views from the academic and research community. Its aim is to promote better understanding of current affairs and complex issues, and allow for a better quality of public discourse and conversation. Go to: https://theconversation.com/africa
LEGAL DISCLAIMER: This Message Board accepts no liability of legal consequences that arise from the Message Boards (e.g. defamation, slander, or other such crimes). All posted messages are the sole property of their respective authors. The maintainer does retain the right to remove any message posts for whatever reasons. People that post messages to this forum are not to libel/slander nor in any other way depict a company, entity, individual(s), or service in a false light; should they do so, the legal consequences are theirs alone. Bizcommunity.com will disclose authors' IP addresses to authorities if compelled to do so by a court of law.