It will take education, not just legislation, to tackle cybercrime

Rika Butler, Stellenbosch University and Martin Butler, Stellenbosch University

South Africa’s government is taking cybercrime seriously. The revised version of its Cybercrimes and Cybersecurity Bill, which was published in August 2015, is set to be released during 2016.
The bill is a crucial and welcome step in the fight against phishers, hackers and online identity thieves. It defines various offences that relate to data, messages, computers and networks. It makes it criminal for anyone to acquire, possess, provide or use personal or financial information to commit an offence. Unlawfully acquiring, possessing, providing, receiving or using passwords, access codes or similar data also constitutes an offence.
It doesn’t stop there. The bill provides for the ministers of police, defence, telecommunications and postal services to set up various new structures and positions to improve computer security. For instance, the government will be empowered to establish a Cyber Response Committee, a National Cybercrime Centre, Incident Response Teams and other mechanisms for reporting and investigating cybercrime. Importantly, the legislation also grants extensive powers to the police and the State Security Agency to search, access and seize anything related to investigating such matters.
But legislation alone cannot stop cybercrime. Education is key so that individual computer users learn not to respond to phishing emails. This bill does not force computer users to do or not do something: it simply cannot influence human behaviour on its own. A number of studies globally have indicated that individual computer users remain a weak link in the online security chain.

South Africans hugely at risk

User education is more important than ever. Research suggests that South Africans are being increasingly targeted by cybercriminals. In January 2016, the country jumped from 67th to 22nd position on cybersecurity firm Check Point’s live Cyber Attack Threat Map. Doros Hadjizenonos, Check Point’s country manager in South Africa, told a news website that the company had seen “an increase in phishing attacks targeting video-on-demand users, who are tricked into handing over their passwords under the guise that their accounts need to be updated”.
Meanwhile, internet security company Trend Micro’s latest report shows that unsolicited bulk email or spam, a popular method used to launch email phishing attacks, peaked at 2,269,039 in December 2015. The company also reported that 6,185 personal computers in South Africa protected by their technology had banking malware installed on them during 2015. This is software that’s downloaded onto a computer without the user’s knowledge to perform a malicious act – such as stealing passwords and account numbers.
Phishing remains an extremely popular method of identity theft. Cybercriminals try to trick computer users into divulging personal financial information. This can then be used to steal money or commit fraud. Victims can lose enormous amounts of money. Computer network and security firm RSA’s Online Fraud Resource Centre estimates the global cost of phishing attacks for December 2014 at US$4.5 billion. In South Africa alone, about $49 million was lost to phishing during 2015.
The practice of phishing is becoming more common as more and more services become available online. People can bank, shop and watch movies online, creating a number of new opportunities for cybercrime. Cyberattacks are also becoming increasingly sophisticated and less easy to spot.

Educating computer users

This evolving and growing threat certainly requires legislation that defines offences and establishes structures for reporting and investigating cybercrime. But, as we’ve outlined, user education is equally important.
It is essential that computer users be educated about the risks that cyberattacks pose. This includes developing training and awareness about how to prevent and detect such attacks. These initiatives could range from placing relevant information on financial institutions’ websites to generating media awareness through newspapers, magazines, radio and TV. More formal training sessions and education could also play a role.
Our research group at Stellenbosch University is currently examining ways to improve online security in South Africa. This involves gauging people’s understanding of the threat of phishing and the steps they take to avoid falling victim to such attacks. Whether you think you’re vulnerable to phishing, believe you’re well protected or genuinely have no idea, you can contribute to this research by clicking here to complete the survey.


Rika Butler, Associate Professor in Auditing at the School of Accountancy, Stellenbosch University and Martin Butler, Senior Lecturer in Information Systems Management, Stellenbosch University
This article was originally published on The Conversation. Read the original article.

ICT stakeholders solicits for open data initiative in Nigeria

Information Communication Technology stakeholders have described open data initiative, a policy guideline being proposed by National Information Technology Development Agency, (NITDA) as crucial to the socio economic development of the country.

The stakeholders, who met in Port Harcourt on agreed that for the nation to develop in line with national planning, some important data must be made available and open for easy accessibility and usage.

The forum maintained that NITDA should come up with principles that would encourage openness of data and also established guiding principle to Ministries Departments and Agencies (MDAs) for best global practice in data collation and usage.

In his welcome address, Dr. Vincent Olatunji, NITDA’s acting director general, who was represented at the forum by the Head of Standards, Guidelines and Regulations, Barrister Lazarus Ikoti informed the stakeholders that lack of data in Nigeria is hindering the development in the country.

He cited an example with the effect insurgency in the country and stressed that lack of data has made it difficult for the country to actually know the number of Internally Displaced persons (IDPs) in the country.

He said the issue of open data has drawn so much interest in the international community and Nigeria as a country cannot afford to lag behind.

He stated that it was because of this the Agency attached so much premium to open data, adding that, ” the world is drifting toward open data and many organizations like open Data for Development were springing up to support open data initiative”.

He assured that NITDA would partner with these organisations to derive maximum benefits for Open Data in Nigeria adding that the Agency since 2013 has begun preparation to make Nigeria one of the countries that has complied with this initiative.

While acknowledging the role of standard, guideline and regulations to the success of harnessing the benefit of ICT, Dr Olatunji stated that the Agency would begin enforcement of most of the guidelines the Agency has published in the past.‎

“We are not going to stop at publishing the standards but shall go all out to enforce. To enforce these Standards, we shall work with the relevant government agencies to secure their support,” he hinted.

The NITDA boss stated that Africa Open Data conference which was held in 2015 has earmarked some fund as seed support to empower Africa emerging Open Data entrepreneur which would be used to improve on data collation for sustainable global development goals.

Meanwhile the discussions from the stakeholders meeting has been far reaching as they were unanimous that for the open data initiative to get the widely acceptance among Nigerians MDAs, a directorate must be established among MDAs with the sole aim of ensuring awareness, accessibility and usability of data.

Yahoo may write down goodwill value of Tumblr

Yahoo said it may have to write down the goodwill value of Tumblr, more than two years after the web pioneer spent $1.1 billion to buy the microblogging site.

Yahoo said earlier in the month it took a $230 million impairment charge related to Tumblr and was considering strategic alternatives for its core internet business.

“It is reasonably possible that changes in judgments could cause the company to consider some portion or all of the remaining goodwill of the Tumblr reporting unit to become impaired,” Yahoo said in a regulatory filing on Monday.

The deal for Tumblr was then seen as a bold bet by Yahoo Chief Executive Marissa Mayer to revitalize the company by co-opting a Web property with strong visitor traffic but little revenue.

Yahoo said on Friday it would take pretax charges of $64 million to $78 million, mostly in the first quarter of 2016, due to job cuts and other restructuring moves.

Of the total, $40 million to $48 million would be for severance pay and related cash expenditures, the company said in a filing.

Yahoo has said it would reduce workforce by 15 percent by the end of 2016 and close offices in Dubai, Mexico City, Buenos Aires, Madrid and Milan.

The company’s shares closed up 1.3 percent at $31.79 on Monday and were largely unchanged in extended trading.

Shittu, others mull over $300bn Africa smart cities investments

The Nigerian minister of communications, Mr Adebayo Shittu, executive director of the SMART Africa Programme, Dr Hamadoun Touré, and several leading information communications technology (ICT) players, have said that there is an investment need for infrastructure in Africa of about over $300 billion over the next 10 years if the continent is to reach its full potential.

ADEBAYO SHITTU

The experts spoke at the second installment of Ericsson’s Africa Night, a networking and conversation platform for key stakeholders in the sector to engage on matters related to the digitisation of Africa at the just concluded Mobile World Congress 2016 in Barcelona, Spain, where Ericsson hosted a discussion on the impact of smart cities for a connected Africa.

The head of Ericsson’s region sub-Saharan Africa, Fredrik Jejdling, said, “Industries and society are transforming as a result of ICT, and the establishment of smart cities that are equipped to manage some of the most important needs in evolving cities, such as safety, transportation, and utilities, requires active collaboration between various stakeholders.

Touré said, “The investment will not be charity, its business. Today, the continent has the highest return on investment. Governments are putting the right regulatory environments in place with regard to spectrum, licences and national broadband plans and, therefore, with the public partnership model that we are advocating, there is money to be made.

From the Nigerian perspective, Shittu shared the success of two initiatives that were having a positive impact on connecting Nigerians and bringing financial inclusion and accountability: the Treasury Single Account (TSA) as well as preloaded money cards that are now available, for example, to farmers.

The Rwandan minister for ICT and youth, Jean-Philbert Nsengimana, extolled the role of partnerships in delivering smart cities in Africa.

“Rwanda is leading in four areas in collaboration with Ericsson: payments, digitising transportation, safety and utilities. There is no way a government alone can drive massive projects at the rate at which we are doing it without strong partnerships,” Nsengimana.

Speaking on the progress of the Smart Rwanda Project in his country, the minister projected that 95 per cent of all transactions between the government and citizens by the end of 2017 will be online, and round the clock.

The United Nations estimates that by 2050 almost 70 percent of the world’s population will be city dwellers. Though Africa remains mostly rural with only 40 per cent in urban areas as at 2014, this is expected to change in coming decades as Africa, like Asia, is expected to urbanize faster than other regions in the world.

The growth of cities raises a range of social, economic and environmental challenges, putting pressure on infrastructure, natural systems and social structures. However, as the challenges of urbanization intersect with ICT-driven opportunities, solutions emerge with the potential to improve the lives of billions.