Case Study:
The last two decades have witnessed increased technology adoption in Africa. According to
Forbes, there are more than 600 million total internet users in Africa. Analysis by the IFC and
Google finds that Africa's internet economy has the potential to reach US$180bn by 2025,
accounting for 5.2% of the continent's GDP. By 2050, the projected potential contribution could
reach US$712bn, 8.5% of the continent's GDP. But the rise of the internet also has a dark side,
with the growing risk of private citizens, businesses, and governments falling victim to cybercrime.
The South African Reserve Bank (SARB) has identified cybercrime and emerging technologies as
growing threats to South Africa's banking sector. In its report, the reserve bank said threats
including internet and mobile banking platforms, may be exploited to facilitate money-laundering
and fund terrorism. South Africa is ranked among the top ten countries in the world in terms of
cybercrime. The country is also ranked seventh out of sixteen countries polled for the highest cost
of a cyber breach. The report notes over 90% of the banking sector offers online banking services,
and mobile application banking, except for one mutual bank.
"Although online banking offers faster transactions and more convenient options for banking,
these features are also attractive to criminals. Online features can hide the true identity of clients
(which in-branch visits would have detected), and these features can also hide the true
destination and beneficiaries of funds," says the SARB report. Southern African Fraud Prevention
Service (SAFPS) CEO, Manie van Schalkwyk says consumers must try by all means to make sure
that their data is always secured. According to SABC News, Phishing remains one of the most
prevalent scam techniques. The South African Banking Risk Information Centre (Sabric) estimates
that SA businesses suffer a total of about R250 million in losses each year due to phishing attacks
and internet fraud.
However, according to an article by African Business published on August 8, 2022, Kaspersky, a
Russian firm that provides anti-virus software, in their analysis revealed that attacks related to
data loss threats including phishing, scams, and social engineering increased significantly in Africa
in Q2 2022 in comparison with the previous quarter.
The company detected 10,722,886 phishing attacks in Africa in Q2. Kenyan users were influenced
the most by this type of threat: there were 5,098,534 phishing attacks detected in 3 months - a
growth of 438% when compared with the previous quarter. Kenya was followed by South Africa
(4,578,216 detections and a growth of 144%) and Nigeria (1,046,136 detections and a growth of
174%).
The Guardian in an article published August 3, 2022, reported Kaspersky saying social engineering,
"human hacking" scams, are used in many ways, and for different purposes, to lure unwary users
to the site and trick them into entering personal information. It stressed that the latter often
includes financial credentials such as bank account passwords or payment card details, or login
details for social media accounts.
According to the security firm, phishing is a strong attack method because it is done on a large
scale. It stressed that by sending massive waves of emails under the name of legitimate
institutions or promoting fake pages, malicious users increase their chances of success in their
hunt for innocent people's credentials. The article explained that phishers deploy a variety of
tricks to bypass email blocking and lure as many users as possible to their fraudulent sites, adding
that a common technique is HTML attachments with partially or fully obfuscated code. It stressed
that HTML files allow attackers to use scripts, and obfuscate malicious content to make it harder
to detect and send phishing pages as attachments instead of links.
According to a recent Interpol report, about 90% of African businesses are operating without the
necessary cybersecurity protocols and, therefore, are exposed to cyberattacks. The report also
noted that there were more than 700 million threat detections in Africa within one year. Over the
years, there have been efforts from different African countries to address the cybersecurity
challenge. According to an article by Forbes published on August 2, 2022, in South Africa,
President Cyril Ramaphosa signed the Cybercrimes and Cybersecurity Act in 2021. This law
mandates electronic communication service providers and financial institutions to act when their
systems suffer a cybersecurity attack or breach. South Africa had previously signed the Protection
of Personal Information Act No. 4 of 2013 Act into law.
At the continental level, the African Union (AU) adopted the Convention on Cyber Security and
Personal Data Protection, also known as the Malabo Convention, in 2014. This was followed by
the release of the Personal Data Protection Guidelines for Africa, a collaborative measure
between the Internet Society and the AU, in 2018. According to the United Nations Conference on
Trade and Development (UNCTAD), out of the 54 countries in Africa, only 33 (61%) have a data
protection law in place. Meanwhile, Business Tech in an article dated July 8, 2022, said the
Department of Police gazetted its draft search and seizure rules for cybercrimes committed in
South Africa. The Gazette, which is currently open for public comment, falls under the
Cybercrimes Act which was partly introduced by President Cyril Ramaphosa at the end of 2021.
"The Cybercrimes Act provides a new legal mechanism for addressing cybercrime in South Africa,
as well as creating a range of new cybercrime offences," the department said. "It also provides for
mechanisms to preserve electronic evidence in the cyber domain, to conduct the search, access,
and seizure operations in respect of an article as defined in the CCA, and the gathering of data
connected to both cyber and other crimes that are committed by means of or facilitated through
the use of an article." The draft rules also noted that an individual's right to privacy, as well as
other fundamental rights, must always be respected, and any infringement of these rights may
only be justified in terms of the law. "The right to a fair trial is paramount, and the responsibility
of the investigation and prosecution team in terms of gathering, preserving, and presenting
evidence to a court fairly and objectively, remain of utmost importance." Without serious
cybersecurity efforts, opportunistic criminals around the world stand poised to reap the benefits
of Africa's internet growth story.
“According to a recent Interpol report, about 90% of African businesses are operating without
the necessary cybersecurity protocols and, therefore, are exposed to cyberattacks.”
One way in which businesses become victims of cyberattacks such as malware attacks is
because they use one network that all users can access. Describe how African businesses
can utilise security zones and network segregation to secure their network architectures.
The answer describes the options for managing and securing network platforms and applies to the case study.
African businesses can utilize security zones and network segregation to secure their network architectures by implementing the following measures:
1. Implementing a secure network architecture: Businesses should design their network architecture based on security principles, such as the use of a layered approach. This includes implementing firewalls, intrusion detection systems, and data encryption technologies to protect sensitive data.
2. Creating security zones: Businesses can create security zones within their network architecture to separate different types of data and users. For example, they can create separate zones for internal employees, external partners or vendors, and guest users. This segmentation ensures that if one zone is compromised, the attack does not spread to other zones.
3. Implementing network segmentation: Network segmentation involves dividing the network into smaller, isolated segments to prevent lateral movement of cyber threats. By segmenting the network, businesses can limit the impact of a potential breach to a specific segment, reducing the risk of spreading malware or unauthorized access throughout the entire network.
4. Implementing strong access controls: Businesses should implement strong access controls to regulate access to different network segments and resources. This includes using strong passwords, multi-factor authentication, and role-based access control to ensure that only authorized individuals have access to sensitive data.
5. Regularly monitoring and updating network security: Businesses should continuously monitor their network for any potential security breaches or vulnerabilities. This can be done through the use of network monitoring tools, intrusion detection systems, and regular security audits. Additionally, businesses should keep their network security systems and software up to date by regularly applying security patches and updates.
6. Providing employee training and awareness: Businesses should provide regular cybersecurity training and awareness programs to employees to ensure they understand the importance of network security and are aware of common threats, such as phishing attacks. This will help employees identify and report any suspicious activities, reducing the risk of falling victim to cyberattacks.
By implementing these measures, African businesses can strengthen their network security and protect themselves against cyberattacks such as malware attacks. Secure network architectures, along with proper user education and network monitoring, are crucial in mitigating the risks associated with the increasing cybersecurity threats in Africa.
To secure their network architectures, African businesses can utilize security zones and network segregation. Security zones are logical or physical boundaries within a network where different levels of security are applied. Network segregation, on the other hand, involves separating network resources and traffic into different segments. This can be done through various methods such as VLANs (Virtual Local Area Networks) or subnetting.
Here are some steps that African businesses can take to implement security zones and network segregation:
1. Identify and classify network resources: Determine the criticality and sensitivity of different network resources such as servers, databases, and user devices. Classify them into different security zones based on the level of access and protection required.
2. Design network architecture: Create a network architecture that incorporates different security zones. This can include setting up separate VLANs or subnets for different departments or types of users.
3. Implement access controls: Configure access controls such as firewalls, routers, and switches to enforce security policies between different security zones. This can be done by setting up firewall rules to allow or restrict traffic between zones based on specific criteria such as IP addresses, protocols, or ports.
4. Deploy network segmentation: Use network segmentation techniques like VLANs or subnetting to divide the network into smaller, isolated segments. This helps to contain potential threats and limit lateral movement within the network in case of a security breach.
5. Apply security measures: Implement security measures within each security zone, such as intrusion detection and prevention systems, antivirus software, and data encryption. Regularly update and patch security systems to protect against known vulnerabilities.
6. Monitor and manage network traffic: Utilize network monitoring tools to track and analyze network traffic between different security zones. This helps in detecting and responding to any suspicious activity or potential security breaches.
7. Train employees: Provide security awareness training to educate employees about the importance of network security and best practices for using network resources securely. This includes teaching them about recognizing and avoiding common cyber threats such as phishing and social engineering.
8. Regularly assess and update security measures: Conduct regular security assessments and audits to identify vulnerabilities and ensure that security measures are up to date. This includes reviewing firewall rules, updating software and firmware, and performing penetration testing.
By implementing security zones and network segregation, African businesses can effectively isolate and protect their network resources, reducing the risk of cyberattacks and improving overall network security.
To secure their network architectures, African businesses can utilize security zones and network segregation.
1. Security Zones: Security zones involve dividing a network into different zones based on access levels and functionality. This helps in regulating network traffic and controlling access to sensitive information. Here's how African businesses can use security zones:
- DMZ (Demilitarized Zone): Implementing a DMZ helps to create a buffer zone between the external network (internet) and the internal network. This zone contains publicly accessible servers, such as web servers or email servers. By isolating these servers in a DMZ, any potential attacks are contained within this zone, protecting the internal network.
- Internal Network Zone: This is the core area of the network where critical resources and sensitive data are stored. Access to this zone should be restricted and limited to authorized personnel only. Implementing firewalls, access control lists, and other security measures can help protect this zone.
- Guest Network Zone: For businesses that provide guest Wi-Fi access, creating a separate network zone specifically for guests is important. This ensures that guest devices are isolated from the internal network and can only access the internet.
- Remote Access Zone: Many businesses have employees who work remotely or require remote access to the network. Creating a separate zone for remote access ensures that these external connections are secure, preventing unauthorized access into the internal network.
2. Network Segregation: Network segregation involves separating different types of networks based on their security requirements. This helps to minimize the impact of a potential breach by limiting lateral movement within the network. Here's how African businesses can implement network segregation:
- VLANs (Virtual Local Area Networks): VLANs allow businesses to segment their network into multiple smaller networks within a single physical network. This enables businesses to isolate different departments, types of users, or specific services from each other, reducing the risk of unauthorized access or lateral movement.
- Subnets: Splitting the network into different subnets, each with its own IP address range, can provide additional segmentation and control over network traffic. By assigning different subnets to different departments or functions, businesses can enforce stricter access controls and better manage network traffic.
- Network Access Control (NAC): NAC solutions authenticate and authorize devices before allowing them access to the network. By implementing NAC, businesses can ensure that only authorized devices and users can connect to the network, enforcing security policies and preventing unauthorized access.
By employing security zones and network segregation, African businesses can enhance their network security by limiting access to sensitive resources, isolating potential attacks, and controlling network traffic. This approach helps to minimize the risk of cyberattacks and better protect valuable data and systems.