AI, BEC top of the list of cyber dangers facing Africa
Artificial Intelligence (AI) initiated attacks, Business Email Compromise (BEC), and talent shortage top the list of cyber security concerns for African business leaders.
According to Nic Rudnick, group deputy executive chairman of Liquid Intelligent Technologies, who delivered a keynote lecture on the second day of the 2023 Africa Tech Festival in Cape Town last week.
Rudnick remarked that the availability of fibre network equipment built across Africa since 2009 has aided attempts to create connectivity. It does, however, serve as a target for cybercriminals.
"It is enabling criminals who target us and our customers… criminals (that) use our infrastructure to create threats like we've never seen before," he went on to say.
According to INTERPOL’s review of cyber security across Africa, BEC remains the most prominent danger to cyber security and the most common means for networks to be compromised.
In 2021, business email troubles cost approximately 2.4 billion dollars in the United States alone, a 25% increase over 2020.
"This is becoming more common throughout Africa. Fifty percent of these attacks are directed against South Africa, but they are quickly moving elsewhere."
The investigation also discovered that the MEA accounted for 1.94% of all BEC attempts, with the majority of efforts going unreported.
Acceleration of the BEC
Interpol anticipates that BEC will expand across Africa in sync with the pace of digital transformation and due to a lack of basic security practises among businesses.
According to the Liquid C2 Cyber Security Report 2022, 68% of Kenyan firms stated email attacks like phishing and spam are the most dangerous, while 93% of Zambian enterprises concurred.
Illegal access to corporate or client information was cited as the most serious concern by 66% of South African businesses.
"The cyber threat has evolved to the point where cybercrime has become a business. Crimeware-as-a-service is now available," Rudnick added. "Criminals no longer need to develop software themselves; they can simply licence it from companies that make it. In addition, in the emerging age of AI is providing the potential to produce deepfakes."
AI-powered threats
Rudnick believes that the arrival of the AI is one of the most significant advancements in recent years. "Cyber criminals are using artificial intelligence to research their targets and gather intimate information that lends credibility to these types of attacks. This is the new threat that our sector faces.
He stated that everyone might be a target.
"Previously, celebrities had to be concerned about their image... Is someone going to use their image and place it on a coffee cup to sell as a souvenir? That now affects all of us since any of our faces can be used to create deep-fakes that jeopardise our organisations. Any of us can have our voices hacked."
This will certainly generate new challenges for the industry, including the prospect of needing to copyright images and voices to assist prevent unlawful use, according to Rudnick.
Nonetheless, Rudnick went on to say that Generative AI is being utilised to boost cyber protection systems, with companies like Google and Microsoft offering new solutions to make the defence process easier.
Also, he said Liquid has also created fusion centres to counteract AI's ability to detect distinct patterns and launch attacks.
However, given the scarcity of available cyber security expertise, Rudnick believes that the ability to apply AI poses a huge barrier for Africa.
He highlighted a recent poll that found a deficit of cyber security skills in the neighbourhood of 100,000 persons as compared to what is required.
Rudnick believes that deploying consolidated centres in conjunction with AI to respond to these kind of threats will be beneficial.