Cybersecurity in the African Financial Sector – 2019

Cybersecurity in the African Financial Sector – 2019

(Study carried out by Sciencetech on behalf of Dataprotect)

From prepaid card scams to fraudulent withdrawals via the Swift network and hijacking the Core Banking service, nothing is spared. Anything that can be converted into cash at the bank level is in the sights of cybercriminals. Often times, the process begins with an infection of a workstation at a branch level through an attachment attached in a received email. Trivial as it sounds, the story ends with a total takeover a few weeks later of a critical server at the financial institution’s head office. The same story is repeated from one bank to another, only the name of the institution changes and the date of the mischief.

The spectacular explosion in the number of cyberattacks in the African financial sector can be explained in large part by the emergence of the phenomenon of “crime as a service”. Today, you can buy tools on the invisible web to break passwords, mount a denial of service attack or take control of a computer remotely, and you can buy sensitive information online. mass (passport and credit card numbers, bank details, etc.) Now any criminal can have access to malicious tools without necessarily needing technical skills. The underground has grown to include actors unrelated to IT (such as former hackers), but who rather belong to organized crime.

This 56-page report + 34 tables, includes:

  • A brief presentation of the banking sector in Africa (digitization of activities, banking of the population, etc.)
  • Specificity of African cybercrime, establishment of appropriate legislation, inter-African cooperation;
  • Size and nature of financial institutions that responded to the survey;
  • An in-depth analysis of the governance of cybersecurity in African banks (structures put in place, use of subcontracting, recruitment and training, level of cyber insurance, etc.)
  • Volume and intensity of cyber attacks and impacts;
  • Description of the legal and regulatory framework and assessment of compliance with standards;
  • An assessment of cybersecurity investments made in the African banking sector with short-term forecast.

Download study highlights

please click here