Let’s talk cyber security matters
While the world is excitedly conversing on the latest technological trends, attention is now shifting to the risks associated with the use of technology. As a corporate, we have thought it prudent to champion the conversation on enhancing cyber security given that cyber threats are real.
With the rise in use of computers, networks and electronic systems- talk of e-commerce and the internet, criminals too are turning to the internet to facilitate criminal activities and maximise profits in the shortest time.
The systems that have seemingly made it easier for people to conduct e-commerce and online transactions are now being exploited by cyber criminals to also defraud the users.
Cyber crime is rising to become one of the fastest growing threats in the technological development landscape and not only in Zimbabwe but globally because it is a criminal activity involving a computer system and a network.
Unlike the most common crimes such as robbery and theft, cyber crime is a borderless or virtual crime, which can be committed by a person who will not necessarily require to be physically present at that location, but can be based in a remote location thereby evading law enforcement agencies.
By definition, cyber crime is an offence that is committed against individuals, organisations or even states, with the intention to harm the reputation of the victim, or cause physical or mental harm, financial or proprietary loss, to the victim, using modern telecommunication networks such as internet, mobile phones phone networks and electronic payment systems.
Typical examples of cyber crime cases include credit card fraud, phishing, hacking, identity theft, unauthorised access, telecommunication piracy, malware, electronic money laundering, tax evasion.
Common forms of cyber-crimes exist such as passing on and sharing pornographic content, cyber bullying, piracy and spamming, among others. Locally, cases of card cloning are on the rise as thieves target Point of Sale (POS) machines so that they can use information stored for cloning cards.
With the rise in use of e-commerce websites, unknowingly people have been lured into depositing money to buy cars, groceries and various goods and services to have the companies and individuals “disappear” upon payment being received or collection of the money.
Individuals have also been lured into depositing money to secure non-existent job opportunities among other scams.
Social media is a favoured target of scammers, as criminals seek to leverage the trust people have in their own social circles. In social media generated cyber crimes, criminals take advantage of the sharing facilities and present fake products, video links and “like” buttons which they use to spread their scams.
Users are also lured into clicking fake website buttons that install malware with some posting updates on a user’s newsfeed, spreading the attack.
Incidents of hacking into governments and private corporations data-bases have also exposed the vulnerability of both public and private IT systems.
Attacks against organisations are becoming common with the recent forms being cases of malware, hacking and Ransomware.
In Zimbabwe, there have been reports of malware attacks on educational institutions and companies’ websites.
Companies and banking systems have also been subject to hacking (illegal penetration and use of computer systems) thus being defrauded by individuals of large amounts of money.
With ransomware, cyber criminals use a malware or a “dangerous” computer programme to prevent or limit the usage of company services, stopping users from accessing the system or services until the demanded ransom is paid.
The threat of cybercrime is real and goes beyond individuals and companies to state against state in a form of cyber-warfare.
This involves one nation penetrating another nation’s computers or networks for the purposes of causing damage, disruption or to obtain sensitive security information.
Increasingly, cyber-criminals are attacking governments through their critical infrastructure, including transportation systems, banking systems, power grids, hospitals and critical manufacturing.
How to safeguard against cyber crimes
◆ Never disclose sensitive information online – especially bank account details and passwords.
Banks and shops will never ask for information of that nature over the phone or online and more so, banks will never ask a client to give it their password.
If you should find yourself in this scenario, the best thing is to phone the bank or the shop that has purportedly originated the message or to go in person just to make sure.
◆ Increased awareness and mindset change on the potential risks of cyber-crime is required.
One of the biggest impediments in advancing cyber security readiness is changing of mindsets to raise awareness about the potential risks of cybercrime.
Increased publicity of ongoing cyber-crimes can go a long way in achieving mindset change and public perceptions on their roles in preventing and averting cyber crimes.
All national stakeholders and citizens must therefore work together in order to change the mindset and public perception of matters relating to cyber security.
◆ Continuous education and training on cyber threats – identification and prevention: – stakeholders must work towards developing the necessary skills to identify cyber threats and also prevent them.
The public too must be equipped with the requisite education and training in order to be able to identify and safeguard against falling victim to cyber criminals.
◆ Promote a culture of cyber security amongst stakeholders including organisations, governments, civil society and international organisations to develop, manage and use secured information systems
◆ Critical information infrastructure must be protected, to safeguard data and sensitive information at individual, organisational and national levels.
◆ Secure your website – Cyber criminals continue to take advantage of vulnerabilities in poorly secured legitimate websites to infect users.
This includes exploiting the design weakness to gain access and manipulate these websites for their own purposes.
At the end of the day, cybercrime has a wide reaching impact on individuals, organisations and nations as it not only derails the technological advancements but poses as a direct attack also on economic, social and political advancement of the affected societies.
Acknowledgements: this article made references to excerpts from the below sources:-
- Cybercrime in Zimbabwe and Globally: RBZ (2015)
- We underestimated Cybercrime in Zimbabwe, it’s time to be woke now . . . www.techzim.co.zw/2017 /11/underestimated-cybercrime-zimbabwe-time-woke-now