Unveiling the cost of cybercrime in Africa
Alexander Ayertey Odonkor

Editor's note: Alexander Ayertey Odonkor is an economic consultant, a chartered financial analyst and a chartered economist with an in-depth understanding of the economic landscape of countries in Asia and Africa. The article reflects the author's opinions, and not necessarily the views of CGTN.

Cybercrime is one of the most pressing challenges plaguing economic activity in Africa. With poorly secured telecommunication infrastructure in many African countries, the footprint of cybercrime is exacerbating the numerous socio-economic problems in the region.

As Africa's gross domestic product (GDP) reached $3.3 trillion in 2017, the cost of cybercrimes for the same year also amounted to a total of $3.5 billion; Nigeria, Kenya and South Africa recorded the largest losses.

For most African countries, unsecured telecommunication infrastructure has created an enabling environment for cybercrimes to thrive; a situation which partly accounts for the decline in productivity across several sectors. It is quite surprising to note that more than 90 percent of African businesses are operating without the required cybersecurity apparatus.

Furthermore, in financial institutions, governments, e-commerce companies, mobile-based transactions, telecommunication industry and other industries, the impact of cybercrime is severe. The rapid growth in Africa's digital economy has outpaced developments in providing adequate cybersecurity for telecommunication infrastructure.

However, for most financial institutions in Africa, providing appropriate cybersecurity mechanisms to secure financial assets has been a daunting task as losses attributed to cybercrimes have increased significantly in the last few years. The findings of a recent study conducted to assess the cybersecurity environment of 148 banks in Sub-Saharan Africa (SSA) suggests that 24 percent of all cybercrimes are related to malware; credit card fraud and phishing account for 30 percent and one-third of all cybercrimes, respectively.

The study further reveals that although 85 percent of the banks have experienced cyberattacks, all of these banks claim to invest a total of $541,102 every year in network security devices to mitigate cybercrimes. With about half of these banks investing between $108,220 and $541,102 a year, in an effort to secure telecommunication infrastructure and protect financial assets, cybersecurity personnel in these banks detected only 6 percent of the entire cyberattacks that occurred within the period. On average, the banks have incurred losses of $770,000 with a single malware-infected computer costing $9,707.

A woman shows a mobile phone to her son in Imatong, South Sudan, February 8, 2020. /Getty

A woman shows a mobile phone to her son in Imatong, South Sudan, February 8, 2020. /Getty

As financial institutions in Africa continue to struggle to fully secure digital financial services, the losses attributed to cybercrime are attenuating economic value in other related industries such as the e-commerce industry.

Cybercrime is a major setback in Africa's fast-growing e-commerce market. According to projections made by McKinsey Global Institute, by 2025, Africa's e-commerce market will reach $75 billion in annual e-commerce sales, a growth pattern that will be supported by the internet's contribution of $300 billion to GDP.

The use of the internet will foster an additional $300 billion increase in productivity per year in six key sectors: financial, agriculture, education, health, retail and government. Through the internet, e-commerce has become the main driver of growth in the retail sector as it has created a new shopping avenue for Africa's growing middle class.

With the world's second-largest population of internet users, Africa has more than 400 million internet users, a feat that only China surpasses. However, cybercrime in Africa has rendered the use of the internet particularly for e-commerce purposes to be a highly risky venture. For instance in South Africa, where online shoppers spend the most on consumer products, more than any other country on the continent, about 19,842 cyberattacks are reported in a day. On average, 570 cyberattacks are recorded every one hour in South Africa.

In South Africa and other countries in Africa, most cybercrimes stem from poorly secured online shopping platforms, digital financial services, malware-infected mobile phones and lack of education on cybersecurity. In spite of all these challenges, some countries in Africa are performing extremely well in ensuring that telecommunication infrastructure is adequately secured and financial assets are also protected.

The 2018 Global Cybersecurity Index ranked Kenya, Rwanda and Mauritius as the three top African countries with the highest score in five pillars: cooperation, capacity building, legal, technical and organizational. Other African countries can also emulate the success of these three countries in addressing cybercrime by setting up efficient cybersecurity intelligence units just as in the case of Mauritius and Rwanda, where these units mitigate cybercrimes.

Lessons could also be drawn from Kenya, where the country has a practical multi-stakeholder arrangement that involves academia, financial institutions, computer incidence response teams, telecommunication companies, the government and other relevant stakeholders. Governments across Africa should embed cybersecurity education in all levels of the education curriculum.

For the less educated population and owners of small businesses who in most cases operate largely in the informal sector, there should be regular seminars and workshops to educate participants in such industries on current trends in cybercrimes and the appropriate measures to adopt in the fight against cybercrimes. 

(If you want to contribute and have specific expertise, please contact us at opinions@cgtn.com.)