In reaction to rising cybercrime incidents in both public and private sectors, some African governments have set up incident reporting and early warning bodies with the support of AfriNIC (Africa Network Information Center).
South Africa, Kenya, Morocco, Ivory Coast and Tunisia have set up Computer Emergency Response Teams (CERT) that will work with information security professionals to report vulnerabilities and detect DDoS (distributed denial-of-service) attacks. The move is coordinated by AfricaCERT, supported by AfriNIC.
"Our main goal originally was to raise awareness of cybersecurity issues and set some framework with the support of the Internet technical community. We had two workshops with law enforcement agencies on IP forensics and how law and technology should be brought tightly together to address some of our challenges," said Adiel Akplogan, AfriNIC CEO.
AfriNIC has been holding meetings solely for government agencies involved in ICT regulation, to make them find ways to work together with information security experts to tackle rising cases of cybercrime. AfricaCERT is currently collecting data on cybercrime because there is insufficient research in the region.
In the past two years, growth in affordable connectivity has led to a rise in cybercrime, which has affected the public and private sectors, especially the financial sector. A lack of appropriate guidelines and relevant laws has led to some criminals going unpunished.
"Africa is a huge area of concern for the IT security community: There are some extremely talented and experienced engineers and developers in the continent but they are terribly under-resourced and faced with an impending wave of new, massive bandwidth that has already started to arrive," said Steve Santorelli, director of global outreach at Team Cymru, a security research company.
According to a survey by Deloitte last month, 60 percent of banks in East Africa are susceptible to security threats because of low IT budgets. The Central Bank of Kenya estimates that local banks lose $2.8 million to fraud annually. Mobile and online banking are the fastest-growing services and criminals are adapting.
AfricaCERT is expected to provide a platform for cooperation, training and building of best practices that can be adopted in the region. The issue of surveillance is thorny with some experts fearing that governments may crack down on dissidents under the guise of fighting cybercrime.
In Kenya, the Computer Incident Response Team (CIRT) has been formed with representation from the various government bodies and the telecommunication providers body, in an effort to ensure a coordinated approach to cybersecurity incidents nationally.
"The KE-CIRT is in the process of setting up a Network Early Warning System (NEWS); this will not only monitor possible DDoS attacks but any other forms of attack targeting or emanating from Kenyan networks," said Francis Wangusi, acting director general at the Communications Commission of Kenya.
The issue of surveillance and early detection has raised awareness of IPv6 deployment, where all gadgets can have an IP address, which makes it easier to detect the threat origin.
"IPv6 implementation will present some new opportunities in IT due partly to the essentially unlimited number of new IPs available," said Santorelli. "In the short term, there should not be much disruption to CERTS, but in the medium to long term IPv6 might broaden the attack surface for miscreants in the underground economy. More IP-enabled infrastructure, perhaps with less security than we'd prefer, means more opportunities for crime."
AfriNIC is working with governments and operators in Africa to deploy IPv6.