Cyber-enabled crime in Africa on the rise

ByRonda Naidu

Cyber-enabled crime in Africa on the rise

Global cyberattacks have been steadily increasing with the pandemic and subsequent lockdowns resulting in more remote working and virtual exchange of information. Combined with the rise of mobile phone usage in Africa, the need for this continent to review its policies and legislation around cyber-enabled crime has become apparent.

Mu’azu Umar, Director of Policy and Research at the Inter-Governmental Action Group against Money Laundering in West Africa (GIABA), believes that cyber-crime is a people problem rather than a tech problem.

He notes that in Africa the legal environment is low since very few countries have the investigative capability.

“Most crimes in Africa are cyber-enabled crimes. This is not an attack of systems, it includes crimes taking place outside the domain of the worldwide web, through mobile and other electronic platforms. In the US, there are investigative agencies at the local level that are competent to investigate, but not in Africa,” he said.

Umar cited a 2020 Interpol study on cybercrime in Africa that showed that cyber-enabled crimes have increased on the African continent largely due to the increase in internet coverage, the wide availability of cyber tools, and the growing flexibility of cybercriminals. As a result, online crime now represents a bigger security issue for law enforcement in Africa now more than ever before.

💡 Africa has more than 500 million internet users, accounting for about 38% of the continent’s population. In terms of countries, 83% of the Kenyan population is online, 60% of the Nigerian population, and 56% of the South African population.

According to the Interpol report, South Africa had 230 million threat detections in total while Kenya had 72 million and Morocco, 71 million.

In South Africa, 2,019 million detections were related to email threats and the country also had the highest targeted ransomware and business email compromise attempts.

IT services and consulting company, Accenture, identified South Africa as having the third-highest number of cybercrime victims worldwide. It is estimated that 577 malware attacks take place every hour.

Interpol has further identified that organised criminal groups in Africa mainly use the internet to find, coerce and control victims, both offline and online, to commit fraud and to sell products, mostly procured illegally. This extends to traditional crimes such as human trafficking, migrant smuggling, selling drugs, illegal wildlife trade as well as trade-in small arms and light weapons – all of which have now been taken online.

Umar also noted that with the rise of e-currencies and their related adoption in Africa, as a decentralised financial service, the mobile platform will become the number one threat with regard to cybercrime on that continent.

💡 Three cybercrime trends have been identified in West Africa in particular, according to Umar. These are:

  • Criminals are young with some level of education and awareness. They act in collusion with partners from outside the region
  • The most common types of crime include fraud of all types, love and romance scams, 419 scams (also known as an advance fee scam, which is a type of fraud where an individual is promised a lot of money, goods, or a job but is first required to pay a fee upfront), electronic payments, mobile scams, sextortion, and child porn
  • Value transfer, with the use of cryptocurrencies as a means of transferring value in addition to traditional means.

Dr. Uchenna Jerome Orji, a research fellow at the African Centre for Cyber Law and Cybercrime Prevention, noted that regional laws in Africa do not impose any requirements on member states to adopt cyber laws.

“Many countries in Africa lack cybercrime laws. Cybercrime is not a priority at this point. Although there are regional laws, they do not have an effect at a national level,” he said.

He suggested that the African Union and African regional bodies should impose obligations on member states to implement laws within a specified timeframe which could result in sanctions if these are not met.