Analysing East Africa’s Cyber Landscape

Introduction

The East African region finds itself at the forefront of a rapidly evolving digital landscape, where the growth of technology is met with an escalating threat: cybercrime. Digitisation has allowed large firms and technologies, e.g. Kenya’s Safaricom, to penetrate across the region with the birth of mobile money. Large telecommunication providers have cemented themselves within the market, introducing novel technologies such as 4G/5G networking across the most rural villages. However, the security of these daily transactions and communications is called into question.

Kenya: A Beacon of Innovation

Nairobi's Silicon Savannah stands as a symbol of Kenya's technological prowess, from the revolutionary 2007 launch of Safaricom's M-PESA mobile money service to the nurturing of startups at tech incubators like iHUB. Yet, this innovative ecosystem is not immune to the dark underbelly of the digital world. In July 2023, Kenya faced a series of cyber incidents, primarily distributed denial of service (DDoS) attacks. Denial of service attacks involve blocking and disrupting access to network resources, temporarily halting services and operations for their intended users. These attacks not only temporarily immobilised digital public services but also disrupted essential internet and mobile payment platforms. Despite being a forerunner in East African innovation, Kenya must prioritise the implementation of robust and comprehensive security measures to safeguard against the ever-evolving threats that the digital landscape presents.

The Cyber Threat Landscape in Kenya

Kaspersky's ranking of the country as the 34th most cyber-attacked globally underscores the severity of the situation, with the financial technology sector becoming a prime target. Cybercriminals, employing sophisticated techniques like phishing and ransomware attacks, penetrated the digital shield. The aftermath of these attacks is not merely a technical challenge; it's a multidimensional crisis that reverberates through economic and societal realms.

Phishing attacks, wherein malicious actors deceive individuals into divulging personal information, and ransomware attacks, which involve data breaches with the intent of extortion, strike at the heart of the financial and telecommunication sectors. The economic impact, while immediate, extends beyond financial losses, affecting supply chains, production schedules, and overall economic stability. The repercussions are not confined to balance sheets; they manifest in potential layoffs, slowed economic activity, and disruptions in the timely flow of goods and services.

Uganda’s Struggle Against Cybercrime

In the heart of East Africa, Uganda grapples with the relentless growth of cybercrime, mirroring the expansion of its mobile money industry, which boasts 28 million registered users. However, this technological advancement is overshadowed by a surge in malware distribution and mobile money network fraud. The National Cybersecurity Strategy, a critical document detailing the government's cybersecurity frameworks, outlines electronic fraud and obtaining money by false pretence as the two major cyber threats. The shared responsibility of securing these transactions falls to both telecommunications and security organs. Yet despite the Uganda Police Force's digital forensics capacity, the recovery rate for funds lost to cybercrime in 2020 was a mere 0.05%. The simultaneous expansion of internet coverage throughout the country correlates with the surge in internet users, creating fertile ground for malicious actors.

Critical Cyber Incidents in Uganda

A pivotal incident unfolded in early October 2020 when Uganda's telecoms and banking sector experienced a major hack, resulting in a staggering loss of $3.2 million. Unfortunately, this event was not an isolated occurrence, as evidenced by a recent Denial of Service attack in February.  Anonymous Sudan, a religiously driven hacker group in Sudan, claimed responsibility for this assault, targeting major operators such as Airtel, MTN, and Uganda Telecom. The motive behind this attack was linked to firms believed to be supporting the Rapid Support Forces in the ongoing civil conflict against the Sudanese Armed Forces.

Digital Sovereignty and Security Challenges in Uganda

NITA Uganda, an arm of the Ministry of ICT tasked with digitising and interconnecting various branches of the government, has made significant strides, but as digital platforms become integral to government operations, the potential for infiltration by malicious actors increases. The compromise of sensitive information through cyber incidents poses a direct threat to Uganda's national security. Safeguarding the nation from external threats ready to exploit these vulnerabilities requires robust data governance practices to protect the Uganda Government's critical applications.

The digital landscape also introduces challenges related to dissent and sovereignty. As the nation's populace engages in online discourse, the potential for cyber-enabled dissent becomes a concern. With a median age of 15.9, young Ugandans online may not possess adequate digital hygiene and cyber awareness to combat disinformation and are susceptible to ideological shifting. This poses a communication difficulty during crisis management: how best can East African governments and the private sector handle cyber crisis communications in a region with a small digital footprint? It is a significant challenge within the ministries of disaster preparedness.

Rwanda: Pioneering Technology with Security

In the vicinity, Rwanda envisions itself as a technological leader under the visionary leadership of President Paul Kagame. Initiatives like Mara Phones, Africa's first fully made smartphone, and the "One Laptop Per Child" project underline Rwanda's commitment to leading technology and innovation in the region. The Rwandan Government's proactive stance on innovation is palpable in its investment in a satellite program, designed to bolster telecommunications and connectivity across the nation. While the national cybersecurity apparatus has showcased efficacy in mitigating attacks since the February 2020 assault on a government data centre, challenges persist. Finding the delicate balance between propelling technological advancement and fortifying defences against cyber threats remains an ongoing struggle. 

Rwandan policymakers face the Innovation versus Security Dilemma: fostering an atmosphere of innovation while steadfastly preserving the integrity of digital infrastructures. Against a backdrop of regional tensions, the current ecosystem may offer malicious actors opportunities to exploit vulnerabilities and gain access to classified information, including details on military operations, the location of intelligence assets, and other sensitive data.

Regional Cybersecurity Initiatives and Challenges

In response to the escalating cyber threats within the East African region, we recognise the measures that national cybersecurity strategies and information security officers have put in place. However, we would propose recommendations to fortify cybersecurity resilience that emphasise collaborative efforts between the private sector and government entities.

According to Uganda’s National Information and Communications Technology Policy, Uganda’s maturity with regard to continuity of operations is very low. Systems lacking the necessary Business Continuity Planning are likely to lose essential data across their IT estate; for the Ugandan government this can mean the loss of digital legal records, election data and classified data, none of which can be recovered without a robust backup strategy with a short recovery time objective to avoid the corruption of data once recovered. East African leaders should enforce strict regulations that require a minimum threshold of maturity across numerous cyber security parameters for both the private sector and government institutions, similar to the European Union’s DORA (Digital Operational Resilience Act). DORA is a regulation that aims to increase the cybersecurity posture of the financial services ecosystem. The DORA regulation offers a framework of best practices to ensure an organisation has a robust risk management process.

Role of Private Sector in Cybersecurity

Large private businesses should spearhead the adoption of advanced security measures. They have the capacity to invest in cutting-edge tools and change management processes that foster a culture of cybersecurity awareness and enhance resilience against evolving threats across the region. Adoption of tools within their SOCs (Security Operations Centres) that leverage emerging technologies to pinpoint vulnerabilities and incidents is essential.

Tools like an integrated SIEM with numerous threat sources, XDR and SOAR that leverage emerging technologies would be effective in protecting endpoints and an organisation's entire IT estate. Using AI and machine learning capabilities to analyse all logs, providing real-time insights into potential security incidents and events, will make a SOC team's job much easier. Acquiring vendor solutions with these capabilities spares East African entities from having to produce these tools in-house, which can save money and time.

Emphasis should be placed on employee training. Granular tasks, like ensuring strict removable media rules and robust privileged access management, can, if done collectively, increase the cyber security maturity of an organisation. So can a clear skills matrix for the roles and responsibilities required for cybersecurity roles, which ensures the recruitment function stays ahead of the curve and adapts to the cyber challenges in the market.

East African organisations should ensure they are mature with regard to their Third Party Risk Management (TPRM) tools, which assess the resilience of their supply chain partners. East Africa has a very small, interconnected digital ecosystem, and it should gain more awareness of TPRM tools that assess vulnerabilities and the impact its ecosystem is likely to suffer during a crisis when a vendor solution is hit by an attack.

Conclusion

As East Africa navigates its cybersecurity challenges, the recommendations put forth offer a first step on the road to protecting its critical business services. An impactful strategy would be to heighten regulation within the private sector in order to ensure compliance with minimum cybersecurity standards, similar to Western regulatory acts like DORA (Digital Operational Resilience Act), with high penalties for non-compliance.
