We will not Sell-Out by Phasing Out: African Negotiators Urged to Fight for Africa
For 2024: Should Africa De-Link From The West To Settle The Past Injustices?
The Shadow Masters: Cabals and the Whispered Governance of Nigeria
Government and commercial online services could become the next frontier for illegal activity in Africa, security experts are warning.
[caption id="attachment_22487" align="alignleft" width="300"] A hacker can take just 15 minutes to break into websites which have the typical level of security[/caption] As more people get access to the internet across Africa, governments and businesses are increasing their online presence but there are questions about how secure these websites are. The email scam using a message from someone pretending to be a relative of a dead African leader asking for bank details is well known, but now tactics have changed. Today's cyber-criminals do not need users' approval or awareness to access valuable data, which could lead to the theft of a large amount of money. For example, a recent cybersecurity report on Kenya says businesses are losing about $146m (£96m) every year to cyber-crime. Kenyan cybersecurity analyst Freddy (not his real name) showed me how the average Kenyan website lacks adequate protection. Working on a dummy site with a typical level of security, he showed me how it was possible to hack into it. "This will take me about 15 minutes," he said as he typed away, writing code. As predicted, in just a quarter of an hour, he had full access to the database and was able to change the administrator password and upload his own material. Freddy is one of the good hackers who advises companies and defends them from attacks rather than exploits the problems, but he feels the response to the online risks is inadequate. This situation is replicated across the continent. South Africa's Sunday Times newspaper reported that hackers launched 6,000 cyber-attacks against South African infrastructure, internet service providers (ISPs) and businesses in October alone. [caption id="attachment_22488" align="alignright" width="300"] Freddy gained access to a website's database and change passwords within a short time[/caption] Bright Mawudor, a Ghanaian cybersecurity expert at Pukyong National University in South Korea, says that most African banks, government agencies and ISPs, in the face of competition, prioritise what their website can do and how fast new features can be released to the public. Security is an afterthought, he argues. "These websites are usually outsourced to software development companies who get pressured to deliver quickly," he says. "Something that should take about a month has to be delivered in a week and is thus sub-standard. They always make a mistake and the hacker just has to find one."