How EAC can curb cyber crime

The advent of the internet with the ever increasing number of internet users globally creates a broader attack surface, new attack vectors and more endpoints of entry, including social engineering methods, for criminals to exploit, making endpoint security even more important.

Sunday, September 20, 2015

The advent of the internet with the ever increasing number of internet users globally creates a broader attack surface, new attack vectors and more endpoints of entry, including social engineering methods, for criminals to exploit, making endpoint security even more important.

Today, one cannot shy away from saying that the world is getting deeper into unknown passage of digital revolution. Moreover, it is becoming apparent that the tremendous benefits of the internet age are being challenged by the formidable menace of cybercrime, not the least in EAC region.

While EAC member states vary in the degree to which their economies and people are affected by cybercrime, the cyber criminals take advantage of weaknesses in cybercrime legislation and the nascent systems of law enforcement and insufficient technical cybersecurity measures leading to proliferation of cybercrime.

As the scale of internet connectivity, including mobile access, continues to spread across the region, EAC netizens, companies, states, intergovernmental organizations will be subjected to a larger volume of cyber-attacks from previously under-connected areas of the world.

This article principally focuses on inertia of EAC member states in curbing the menace of cybercime and particularly draws attention to the inherent limitations and failures in current national legal responses to cybercrime.

Combating cybercrime requires a different approach from that which has been traditionally taken in respect of most crimes.

In contrast to the offline world where criminals normally need to be physically present at the crime scene and can typically only commit one offence at a time (i.e. rob one bank or burgle one shop at a time), criminals in cyberspace do not need to be close to the crime scene, they might never even travel to the target country, and can attack a large number of victims globally with minimum effort and risk by hiding their identity.

Today, cybercrime is regarded as one of the most serious threats of the world economy. Cybercrime increases exponentially in the scope, sophistication, number and types of attacks, number of victims and economic damage. There are two important factors worth mentioning in this context: crime-as-a-service and anonymisation.

The crime-as-as service business model drives the digital underground economy by providing a wide range of commercial services that facilitate almost any type of cybercrime.

In that event criminals are freely able to procure such services, such as renal botnets, denial-of-service attacks, malware development (for example, Regin, a new computer spyware, which is regarded as one of the most sophisticated pieces of malicious software ever seen.

And once installed on a computer, it can do multiple things like capture screenshots, steal passwords or recover deleted files and collect information, technically known as cyber-espionage), data theft and password hacking, to commit crimes themselves.

The anonymisation techniques used in parts of internet, known as Darknets, allow users to communicate freely without the risk of being traced. The features of these privacy networks are of primary interest to criminals that abuse such anonymity on a massive scale for illicit online trade in drugs, phishing, weapons, stolen goods, forged IDs and child sexual exploitation.

As a consequence of new trends of computer crime and cybercrime, strategies must be formulated to prevent attacks and develop countermeasures, including the development and bolstering of technical cybersecurity means, as well as adequate and sufficient laws enabling law enforcement bodies to fight cybercrime effectively.

Besides, an acknowledged and concerted ability to respond to cybercrime, to track, trace and apprehend domestic and international cybercriminals can forestall future attacks through fear of severe penalties.

Proper legislation is the foundation for the investigation and prosecution of cybercrime. However, law makers must continuously respond to internet developments and monitor the effectiveness of existing provisions, especially given the speed of developments in network technology.

The main challenge today of the EAC member states with respect to cybercrime is that existing Penal Codes envisage largely computer-related crime but not cybercrime.

There is reluctance to recognise the potential abuses of new technologies and necessary amendments to the national criminal law which undermines the efforts to deal effectively with cybercrime.

This challenge remains as relevant and topical as ever as the speed of network innovation accelerates. Some fundamental actions must be undertaken: first, recognising an abuse of new technology and strengthening capacities of law enforcement to have potential skills and logistics to detect and prevent cybersecurity threats.

For example, well-trained Computer Emergency Response Teams (CERTs), Computer Incidents Response Teams (CIRTs), Computer Security Response Teams (CSIRTs) and other research facilities designed to show the impact of existing cybersecurity measures, shortcomings and to give recommendations when needed.

Second, identifying gaps in the Penal Code, by comparing the status of criminal legal provisions in the national law with emerging new kinds of criminal offences. Third, adopting new legislation that accommodates new cybercrime. However, it may be difficult for national authorities to execute the drafting process for cybercrime without international cooperation, due to the rapid development of network technologies and their complex structures. In most cases, crimes committed using ICTs are not new crimes, but criminals modified to be committed online.

The writer is a lecturer and international law expert