Breakout Session B: Cyber Security and Cybercrime Trends in Africa

Transcription

1 Breakout Session B: Cyber Security and Cybercrime Trends in Africa

2 Global Forum for Cyber Expertise Awareness Initiative The African Union, Symantec, and the U.S. Department of State committed to develop a comprehensive report that presents detailed technical data on cybersecurity and cybercrime trends in Africa. The Goal: To gain a comprehensive view of the major occurrences of cyber incidents affecting organizations and individuals in the territory of AU Member States. Governments and other interested parties can then utilize this information to strengthen prevention and response mechanisms to confront the diverse range of cyber threats. 2

3 Partners: Cybercrime & Cybersecurity Trends in Africa African Union U.S. Department of State Organization of American States (OAS) Council of Europe Symantec Corporation 3

4 Coming in early

5 5

6 Africa s IT Infrastructure Driving Digitization Africa s internet is already integrally connected to Europe s, especially Mediterranean countries This connection will only grow stronger as more undersea cables connect more of Africa. Mobile internet connections most common But connectivity and cost are still significant obstacles 6

7 Cybercrime As IT sector grows, cybercrime grows: Malware on the rise Botnets Hacktivism Spearphishing and Spam Ransomware Institutional Capacity to Fight Cybercrime Few cybercrime laws Disparity in capacity among countries Legacy technology Low level of awareness 7

8 8

9 Symantec threat intelligence Identify more threats + take action faster + prevent impact Worldwide Coverage Global Scope and Scale 24x7 Event Logging Rapid Detection Threat Activity 69M+ sensors 157+ countries 4.5B+ authentications/day Preemptive Security Alerts Malware Intelligence Symantec GIN Symantec Probe Network Symantec.cloud Skeptic Vulnerabilities 51,644+ vulnerabilities 16,687 vendors 43,391 products Information Protection Spam/Phishing 5M decoy accounts 3B+ messages/daily 1.4B+ web requests/daily Threat Triggered Actions

10 Malicious Activity Data Tables Top 10 source African countries for attacks Country Africa Rank Percentage Incident Count South Africa 1 31% 220,727 Morocco 2 16% 106,144 Uganda 3 10% 63,234 Egypt 4 9% 57,204 Mauritius 5 8% 52,974 Kenya 6 4% 27,172 Tunisia 7 4% 25,665 Nigeria 8 3% 20,158 Zimbabwe 9 3% 19,319 Algeria 10 10,790 10

11 Malware Top 10 source African Countries for malware Country Rank Percentage within Africa Incident Count South Africa 1 36% 712,773 Egypt 2 20% 394,800 Algeria 3 8% 165,311 Tunisia 4 7% 129,254 Cote D Ivoire 5 5% 101,846 Morocco 6 5% 101,248 Nigeria 7 3% 54,559 Sudan 8 48,304 Mauritius 9 44,320 Kenya 10 32,874 11

12 Spam Top 10 source African countries for Spam Country Rank Percentage within Africa Incident Count South Africa 1 24% 86,947,667 Egypt 2 18% 63,788,313 Algeria 3 13% 45,810,103 Tunisia 4 10% 37,014,318 Morocco 5 10% 36,524,817 Nigeria 6 3% 10,385,420 Mauritius 7 8,902,475 Kenya 8 7,979,144 Zimbabwe 9 6,161,185 Cote D Ivoire 10 5,578,413 12

13 Botnets Top 10 source African countries for bots Country Rank Percentage within Africa Incident Count Egypt 1 31% 2,037,491 Algeria 2 18% 1,179,989 Morocco 3 15% 968,284 Tunisia 4 11% 736,563 South Africa 5 9% 581,893 Sudan 6 3% 203,415 Mauritius 7 135,427 Kenya 8 131,488 Nigeria 9 106,023 Libya 10 1% 79,250 13

14 Global Government Partnerships United States FBI Latin America & Caribbean Organization of American States Europe ENISA NCA EC3 Africa Africa Union South Korea KISA KNPA Australia CERT Australia Australian Federal Police 14

15 Government Cybersecurity Partnership Program Europol s Cyber Crime Centre (EC3) In October 2014 we signed an MOU to cooperate on cybercrime investigations and information sharing. We are currently working together on joint cybercrime investigations. Organization of American States (OAS) In May 2014 we entered into a partnership to develop a report that assessed the state of cybersecurity in Latin America and the Caribbean. It is regularly referenced and has lead to numerous business and thought leadership opportunities. International Telecommunication Union (ITU) In June 2014 we entered into an agreement to share strategic cyber threat information and to co-brand the ISTR that is distributed to government leaders in all 193 Member States and more than 700 private sector members around the world. Korea National Police Agency (KNPA) In October 2013 we signed an MOU to cooperate on cybercrime investigations and information sharing. African Union In April 2015, through the Global Forum on Cyber Expertise (GFCE), Symantec entered into a partnership with the African Union and the U.S. Department of State to develop a comprehensive report to assess the state of cybersecurity in Africa. 15

16 Breakout Questions 1). In many ways, Africa is where the United States, Europe and parts of Asia were years ago. They are at the beginning of an internet boom. What lessons learned could be passed along? Where should they start in securing their infrastructure and fighting cybercrime? 2). Multi-national organizations with experiences that span countries and jurisdictions often have a wealth of practical experience that will be beneficial to cyber strategy formulation and capacity building programs. However, trust in international companies is still an issue in many countries where cybersecurity is concerned. How can these trust issues be overcome? 16

17 Thank You William Wright Director, Government Affairs