News / National
Cyber crimes under-reported
04 Oct 2024 at 12:14hrs | Views
Despite tireless efforts made by local, regional and global state and non-state actors to curb cybercrimes, statistics continues to spike because victims shun reporting these cases and therefore suffer in silence, Zimbabwe Republic Police's Director Forensic Science, Chief Superintendent Nyasha Alford has this Thursday disclosed in Harare.
Speaking during a Cyber Security Conference, Chief Supt Nyasha Alford said that there are numerous occasions where businesses or institutions are shy to disclose that they have been scammed because of the need to protect their repute and integrity.
"Online scams are on the increase especially with the advent of artificial intelligence, though it has some benefits, it also brought suffering amongst businesses, institutions and the generality of our society," Alford said.
"Amongst several cases, there was a case where one victim was lured into a relationship with an unknown criminal. She saw the otp, forward it to the criminals before realising she made a mistake and with AI coming in, scams will be even more," Nyasha Alford added.
Alford further said the lady got to know that she has been scammed after a well-known donor called her to inquire on when she will return the money which she borrowed and it was the moment she realised she has been scammed.
"Business emails are also a subject of target by these cyber criminals. Businesses are scammed especially new employees have fallen victims," Nyasha Alford said.
"On Malware and Ransomware, we have information stealers and the next stage the criminals demand money. We have observed that there is under-reporting of these cybercrimes because people are afraid of reporting," he added.
"We have digital dating where victims are falling in love with faceless soulmates before realising that they are actually falling in love with their gadget instead," Nyasha Alford added.
It has been noted that there is no one who is immune to victimisation and people have been trapped to cyber crimes through online romantic scams or intimate extortion.
Mobile phone applications are a major source for these scams (banking trojan & scams) and are used as data harvesting tools.
Chief Supt Nyasha Alford advised the public to stop talking to strangers on their mobile devices or sharing important information which exposes them to cyber crimes vulnerability.
From an institutional point of view, these cyber criminals target top government officials, some use Chief Executive Officers Impersonation where they seek to impersonate a CEO and order an employee to make a transaction.
System breach, data compromisation and ransomware, which is a malicious programme seeking to limit users from accessing systems have all been challenges or threats associated with these cyber crimes.
In trying to combat ransomware attacks, it is important to carry out ransomware awareness campaigns, use strong security posture, join taskforces, cyber breach mechanisms, training and prevention.
In threat predictions, there is a great need to do constant research (social engineering), understand ransomware attacks, know the key infrastructure used to operate, further advancement in social engineering, among others.
Meanwhile, in a statement by the Minister of Information Communication Technology, Postal and Courier Services, Tatenda Mavetera represented and read by her deputy, Phuthi during the Cybersecurity Conference; it was disclosed that with the current digital landscape, threats faced are both complex and pervasive.
"Cybercrime is not just a technical issue; it is a societal challenge that requires a collective response. As the world evolves and adopts more disruptive technologies, more cybersecurity concerns will rise," Mavetera said.
"Nations will fall or rise on cybersecurity. Cybersecurity is not a global phenomenon but it is also a local phenomenon. We have in recent months seen local entities including banks being hacked," Mavetera added.
"Many here have had a relative call them about receiving smses asking them to click a link, we have all seen friends, associates or family members posting endless chain messages on social media groups until the number was removed from the group. In short cybersecurity is both a personal and a national threat," Mavetera further reminds.
Mavetera further said that the digital economy, as a key enabler of Vision 2030 must be guarded by the adoption and implementation of robust cyber security measures and has therefore embarked on the process of formulating a National Cyber Security Strategy which seeks to provide strategies on how to holistically safeguard information assets from the ever increasing cyber threats.
The Cybersecurity Conference concurred with the National Cybersecurity Awareness Month (October) and the discussions and lessons learnt will strengthen determination to counter cyber threats in the economy.
This year's Cybersecurity awareness month is running under the theme, "Cyber Resilience: Together We Defend, Together We Thrive".
There are alarming statistics surrounding cybercrime that underscore the urgency of constant discussions and according to the 2023 Cybersecurity Ventures report, global cybercrime costs are expected to reach an astounding $10.5 trillion annually by 2025.
This figure is not merely a number; it represents the financial, emotional, and reputational toll on individuals, businesses, and governments.
In 2022, a staggering 105% increase in ransomware attacks was recorded as compared to the previous year thereby affecting countless organisations and disrupting critical services.
Over 80% of reported security incidents were attributed to phishing attacks, highlighting the vulnerabilities that exist even in well-guarded systems.
The average cost of a data breach soared to $4.35 million, emphasizing the need for comprehensive cybersecurity strategies and these statistics are a stark reminder of the challenges face timeously.
It is high time that local, regional and global actors propose for cyber resilience which is about more than just prevention; but about their ability to prepare for, respond to, and recover from cyber incidents.
It calls for a proactive approach that integrates technology, processes, and people, which must be fostered through a culture of cybersecurity awareness and collaboration across all sectors.
The Government, business community and individuals (each) have a crucial role in this endeavour by sharing knowledge, resources, and best practices, which create a robust defence against cyber threats and ensure that they can thrive in the digital age.
In an effort to consider how to unite in order to enhance cyber resilience, public-private partnerships are vital in developing innovative solutions that address the ever-evolving landscape of cyber threats, investment in education and training, equipping workforce with the skills necessary to combat cybercrime effectively, strong regulatory frameworks and policies which will guide organisations in establishing comprehensive cybersecurity measures.
In 2021, government promulgated the Cyber and Data Protection Act with a view to criminalising a wide range or cyber crimes such as phishing, identity theft, hacking, cloning and malware victimisation.
It also created mandatory requirements and guidelines for Data Protection Officers and Data handling respectively.
Speaking during a Cyber Security Conference, Chief Supt Nyasha Alford said that there are numerous occasions where businesses or institutions are shy to disclose that they have been scammed because of the need to protect their repute and integrity.
"Online scams are on the increase especially with the advent of artificial intelligence, though it has some benefits, it also brought suffering amongst businesses, institutions and the generality of our society," Alford said.
"Amongst several cases, there was a case where one victim was lured into a relationship with an unknown criminal. She saw the otp, forward it to the criminals before realising she made a mistake and with AI coming in, scams will be even more," Nyasha Alford added.
Alford further said the lady got to know that she has been scammed after a well-known donor called her to inquire on when she will return the money which she borrowed and it was the moment she realised she has been scammed.
"Business emails are also a subject of target by these cyber criminals. Businesses are scammed especially new employees have fallen victims," Nyasha Alford said.
"On Malware and Ransomware, we have information stealers and the next stage the criminals demand money. We have observed that there is under-reporting of these cybercrimes because people are afraid of reporting," he added.
"We have digital dating where victims are falling in love with faceless soulmates before realising that they are actually falling in love with their gadget instead," Nyasha Alford added.
It has been noted that there is no one who is immune to victimisation and people have been trapped to cyber crimes through online romantic scams or intimate extortion.
Mobile phone applications are a major source for these scams (banking trojan & scams) and are used as data harvesting tools.
Chief Supt Nyasha Alford advised the public to stop talking to strangers on their mobile devices or sharing important information which exposes them to cyber crimes vulnerability.
From an institutional point of view, these cyber criminals target top government officials, some use Chief Executive Officers Impersonation where they seek to impersonate a CEO and order an employee to make a transaction.
System breach, data compromisation and ransomware, which is a malicious programme seeking to limit users from accessing systems have all been challenges or threats associated with these cyber crimes.
In trying to combat ransomware attacks, it is important to carry out ransomware awareness campaigns, use strong security posture, join taskforces, cyber breach mechanisms, training and prevention.
In threat predictions, there is a great need to do constant research (social engineering), understand ransomware attacks, know the key infrastructure used to operate, further advancement in social engineering, among others.
Meanwhile, in a statement by the Minister of Information Communication Technology, Postal and Courier Services, Tatenda Mavetera represented and read by her deputy, Phuthi during the Cybersecurity Conference; it was disclosed that with the current digital landscape, threats faced are both complex and pervasive.
"Cybercrime is not just a technical issue; it is a societal challenge that requires a collective response. As the world evolves and adopts more disruptive technologies, more cybersecurity concerns will rise," Mavetera said.
"Nations will fall or rise on cybersecurity. Cybersecurity is not a global phenomenon but it is also a local phenomenon. We have in recent months seen local entities including banks being hacked," Mavetera added.
"Many here have had a relative call them about receiving smses asking them to click a link, we have all seen friends, associates or family members posting endless chain messages on social media groups until the number was removed from the group. In short cybersecurity is both a personal and a national threat," Mavetera further reminds.
Mavetera further said that the digital economy, as a key enabler of Vision 2030 must be guarded by the adoption and implementation of robust cyber security measures and has therefore embarked on the process of formulating a National Cyber Security Strategy which seeks to provide strategies on how to holistically safeguard information assets from the ever increasing cyber threats.
The Cybersecurity Conference concurred with the National Cybersecurity Awareness Month (October) and the discussions and lessons learnt will strengthen determination to counter cyber threats in the economy.
This year's Cybersecurity awareness month is running under the theme, "Cyber Resilience: Together We Defend, Together We Thrive".
There are alarming statistics surrounding cybercrime that underscore the urgency of constant discussions and according to the 2023 Cybersecurity Ventures report, global cybercrime costs are expected to reach an astounding $10.5 trillion annually by 2025.
This figure is not merely a number; it represents the financial, emotional, and reputational toll on individuals, businesses, and governments.
In 2022, a staggering 105% increase in ransomware attacks was recorded as compared to the previous year thereby affecting countless organisations and disrupting critical services.
Over 80% of reported security incidents were attributed to phishing attacks, highlighting the vulnerabilities that exist even in well-guarded systems.
The average cost of a data breach soared to $4.35 million, emphasizing the need for comprehensive cybersecurity strategies and these statistics are a stark reminder of the challenges face timeously.
It is high time that local, regional and global actors propose for cyber resilience which is about more than just prevention; but about their ability to prepare for, respond to, and recover from cyber incidents.
It calls for a proactive approach that integrates technology, processes, and people, which must be fostered through a culture of cybersecurity awareness and collaboration across all sectors.
The Government, business community and individuals (each) have a crucial role in this endeavour by sharing knowledge, resources, and best practices, which create a robust defence against cyber threats and ensure that they can thrive in the digital age.
In an effort to consider how to unite in order to enhance cyber resilience, public-private partnerships are vital in developing innovative solutions that address the ever-evolving landscape of cyber threats, investment in education and training, equipping workforce with the skills necessary to combat cybercrime effectively, strong regulatory frameworks and policies which will guide organisations in establishing comprehensive cybersecurity measures.
In 2021, government promulgated the Cyber and Data Protection Act with a view to criminalising a wide range or cyber crimes such as phishing, identity theft, hacking, cloning and malware victimisation.
It also created mandatory requirements and guidelines for Data Protection Officers and Data handling respectively.
Source - Byo24News