African legislators urged to do more to fight cyber crime
Last year, Makerere University computer systems were hacked and 50 students deleted off the 2017 graduation list. In 2015, nine former MTN staff were convicted of stealing Shs3 billion off the mobile money platform, and several MPs and individuals in Uganda have lost millions of shillings to hackers who duplicate simcards and gain access to their personal data.
MIDRAND, SOUTH AFRICA | Africa must develop a comprehensive approach to protect its businesses and personal data in light of increasing cyber crime across the world, African legislators have been told.
In a joint workshop between The New Partnership for Africa’s Development (Nepad) and Pan- African Parliament committees on the African Union Commission Convention on Cybersecurity and Personal Data Protection, legislators were urged to interest their nation states to develop an enabling environment to facilitate electronic commerce and transactions and enact cyber security and personal data protection laws.
“According to a global study, cyber crime costs almost $500 billion with hundreds of millions of cyber attacks taking place in Africa every year,” said Abdou Rahman Mboob, Nepads ICT expert.
“Banks and institutions have been targeted by hackers with increasing frequency.”
Mboob was making a joint presentation to the PAP Committee on Trade, Customs and Immigration, and the Committee on Transport on Wednesday, 8 August 2018 in Midrand, South Africa.
The expert cited the Africa cyber security report of 2017 whose findings indicated that more than 90 percent of African businesses were operating below the cyber security poverty line, the point below which a business cannot effectively protect itself.
He elaborated that cyber crime takes the form of fake news, ransomware, insider threat, cyber pyramids, mobile money and internet related crimes, cyber bullying, among others.
He said that it was in this regard that the African Union Convention on Cybersecurity and Personal Data Protection (AUCC/Malabo Convention) was adopted at the 23rd Ordinary Session of the Assembly of the African Union Heads of State and Government meeting on 27 June 2014.
The convention, which is touted as a positive step for the continent in standardizing the approach to regulation of electronic transactions, personal data protection and cyber security is yet to meet the 15 ratifications required for its entry into force.
With signatories from Benin, Chad, Comoros, Congo, Ghana, Guinea Bissau, Mauritania, Sierra Leone, Sao Tome and Principe, and Zambia; there have been only two ratifications from Senegal and Mauritania.
The Chairperson Committee on Trade, Immigration and Customs, Mc Henry Venani (Namibia) said the issue of cybersecurity was fundamental with regard to intra Africa trade and that with cyber attacks on businesses worldwide, Africa had not been spared.
Venani noted that a lot of intra Africa trade will be along online systems hence the need for an enabling environment that secures such transactions.
Felix Okot Ogong (Uganda) suggested that there should be an African body that looks at cyber security and data protection at continental level, which then gives impetus to the need for nation states to ratify the AUC convention.
“The world has gone digital and it presents with a lot of opportunities and challenges. Regulation is the way to go and African countries should ratify the Convention so that there is best practice in addressing cyber crime,” he said.
Uganda losing billions of shillings
The Africa cyber security report indicates that Uganda loses Shs155 billion annually to cyber attacks.
Instances of cyber attacks are becoming common place in Uganda. Last year, Makerere University computer systems were hacked and 50 students deleted off the 2017 graduation list. In 2015, nine former MTN staff were convicted of stealing Shs3 billion off the mobile money platform, and several MPs and individuals in Uganda have lost millions of shillings to hackers who duplicate simcards and gain access to their personal data.
Such are but just some of the reported incidences but a lot of the cyber crime go unreported. The AUC Convention on Cybersecurity and Personal Data Protection therefore, proposes an African response through establishing structures to implement cybersecurity defences and mitigate cybersecurity threats and vulnerabilities.
Parliament of Uganda in 2011 enacted the Computer Misuse Act with the aim to prevent unlawful access, abuse or misuse of computers. It provides for penalties and measures that law enforcement authorities can use to fight cybercrimes.
Pan African Parliament MPs have been attending Committee Meetings in Midrand, South Africa, from August 2.
Deliberations of meeting that closes Friday will inform the reports that will be presented to plenary, which will meet in Kigali in October.
Uganda’s delegation to the PAP includes Jacqueline Amongin (NRM, Ngora), Prof. Morris Ogenga-Latigo (FDC, Agago North), Anifa Bangirana Kawooya (NRM, Sembabule), Felix Okot Ogong (NRM, Dokolo South), and Veronica Kadogo (Ind. Buyende).