Taking on the virtual bully

Both gov’t and private sector must invest, but only in ventures that are acceptable. Only with a supportive public can we truly make a mark in fighting cybercrime


BY malusi world

From the time of the first industrial revolution that introduced the steam engine to the current revolution that very much revolves around technology in almost every sector, the world is constantly evolving. Thanks to the fourth industrial revolution, the business ecosystem around the globe has changed – for the better might I add – due to the integration of new technologies and the rising interconnection of systems.

However, despite Industry 4.0 bringing about opportunities to optimise costs, innovation, diversification and agility, it also brings with it new risks such as cyber-attacks. This is quite the problem, as the number of people connected to the internet continues to increase. According to the Digital in 2017 Global Overview Report, in 2017 the number of Internet users in the world stood at 3.8 billion which accounts for 51% of the world’s population. This was an increase from 2015 where the number stood at 2 billion.

As a direct result, according to the Economic Impact of Cybercrime— No Slowing Down report, the cost of cyber-crime to the global economy rose from Sh50.4 trillion ($500 billion) in 2014 to Sh60.5 trillion ($600 billion) in 2017. As a result of its relentless, undiminished and near impossible-to-stop nature, cybercrime has currently become one of the biggest threats to the world. So far the world has been hit by different cyberattacks including the likes of NotPetya/ExPetr, WannaCry, and Bad Rabbit as well as the data breaches at Yahoo and Uber.

Cybercrime is indeed a problem for the world; however, for Africa, it is riskier as it threatens all the businesses in the continent. This can be attributed to the fact that despite the continent having limited telecommunications infrastructure, it is the target for most cyber-attacks.

According to the Africa cyber security report 2017, cyber-attacks cost African businesses Sh350 billion ($3.5billion) annually. The sectors that are most affected include the government, mobile-based transactions, e-commerce, as well as banking and financial services. With Africa adopting more, new technology, one can only expect the costs for cyber-crime to go up if things remain the same. This puts African businesses in danger as according to William Makatiani, CEO at Serianu limited, over 95% of these businesses operate below the cyber security poverty line.

Kenya is among the most targeted countries in the world by cyber criminals. In fact, according to the cyber security report, the country is among the top countries in Africa that have been most affected by cyberattacks, costing the economy Sh21 billion ($210 million) annually. Ken Munyi, Country Manager at iWayAfrica Kenya, believes that the rising cases of cyberattacks are a cause for concern for the country.

Mainstream media feels the law will also affect investigative journalism, as whistle-blowers will won’t have the same boldness they have displayed before

The recently passed Computer Misuse and Cybercrimes Act 2018 is expected to combat these problems by preventing cybersquatting, cyberterrorism, phishing, computer fraud, cyber bullying, credit card fraud, identity theft and impersonation, interception of electronic messages or money transfers, and wrongful distribution of obscene or intimate images.

The bill not only focusses on ways of preventing cyber-attacks but also includes methods for investigating and punishing those who have committed cyber-crimes. For instance, the law includes the authorisation of searching and seizing stored data as well as the permission to be able to intercept data in real time. In addition, it has provisions for penalties for hackers.

The law also creates the National Computer and Cybercrimes Coordination Committee, whose mandate is be to advise the government on security related matters that relate to mobile money, trust accounts, critical information infrastructure systems and the upcoming blockchain technology. 

Regardless of some of its good intentions, the law has come under immense criticism from various agencies such as the Media Council of Kenya, The Law Society of Kenya (LSK), the Bloggers Association of Kenya (BAKE), and the Committee to Protect Journalists, who feel that the law is against the freedom of expression and the right to privacy. According to Kennedy Kachwanya of BAKE, Kenyans must guard their hard-earned rights and freedoms. He believes that Kenyans need to stand up to protect, defend and uphold the Constitution as expected.

Its criticism is on sound grounds. For instance, despite the law criminalising the publication of false information and hate speech, it has failed to give a clear definition of what is deemed false information or hate speech and what is protected under the law.

This immediately creates problems for a country where many people usually share their opinions and views online. This means, for example, if one was to share their opinion on public figure, one might be severely punished for voicing an opinion. There is real fear the Act could be misused to settle scores and curtail the right to free speech.

Mainstream media feels the law will also affect investigative journalism, as whistle-blowers will won’t have the same boldness they have displayed before.

Additionally, the law allows for a search without a warrant if a crime is reported on the crime reporting database that is to be set up under the law. This allows the government to put the involved parties under surveillance which will see their right to privacy of the public infringed upon.

It is a good thing that the government is taking cyber-crime seriously, but, there is a need to amend it in order to not only protect the people from cyberattacks but to also ensure that the rights of Kenyans’ rights and liberties are not violated in the process.

Only with a supportive public can government truly make a mark in fighting cybercrime. On the other hand, organisations must spend more on cybersecurity to set up systems that can adequately identify and deter threats.(



Please enter your comment!
Please enter your name here