Barely a week ago, I chanced upon a programme on Al Jazeera which was held under then title “a threat of cyberwarfare”. The discussants mainly underscored the exponential increase of cyber/data espionage, as one of the tools used in actual warfare.
They further noted that some governments or non-state actors are heavily engaged in cyber espionage.
Now, as a matter of practice, sensitive information is often stored in computer systems.
Once the data is not securely protected, it can be stolen and be used adversely. If the computer systems are connected to the internet, offenders can manipulate the systems and access the information remotely.
Cyber-related threats don’t necessarily require the cyber criminals or hackers to be physically in a targeted organisation. Albeit the internet advantage, it has become a gateway for organised cyber criminals.
The internet is increasingly used to obtain trade secrets as well as classified information of governments. The most common cybercrimes committed are grouped into three categories depending upon the target of the crime.
There are: ‘offences against the confidentiality, integrity and availability of computer data and systems’; ‘content-related offences’; and ‘computer-related offences’.
In the contemporary world, the value of sensitive information and the ability to access it remotely makes data espionage highly interesting. Today, the organised cyber criminals or non-state actors enter government computer systems or bank computer systems to obtain secret information and sell that information to agents from a different country.
One example is phishing, which has recently become a key crime committed in cyberspace and describes attempts to fraudulently acquire sensitive information, such as password, by masquerading as trustworthy person or business (e.g. financial institution) in a seemingly official electronic communication.
The reason being, to obtain personal bank particulars in order to steal money from a person’s account. In fact, this is one of the most growing and dangerous cybercrimes. More often than not the organised cybercriminals aggressively target financial institutions to swindle the money. It goes without saying that banks are seen as a hot cake.
Therefore, this is a wake-up call to financial institutions in Rwanda to devise stronger cybersecurity measures, otherwise they may be plunged in a terrible financial predicament.
Indeed, cyber offenders often use various techniques to access victims’ computer, including software to scan for unprotected ports or circumvent protection measures, as well as social engineering.
In the context of illegal access to computer data, sometimes the cyber criminals tend to manipulate people with the intention of gaining access to computer systems. Social engineering is usually very successful because where someone uses deceptions to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.
A critical question is: how can cyber espionage be deterred or mitigated?
Creating stronger cybersecurity and legal measures to protect critical information infrastructure must be the starting point. Having these measures in place is indispensable because they’re helpful in identifying the risks the country face.
Of course, no single country is immune to cyber-related threats. As such, to government and private bodies, enhancing cybersecurity and protecting critical information infrastructures are essential to the national security as well as the economic well-being of its citizens.
Cybersecurity is not merely technical measures but a collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training best practices, assurances and technologies that can be used to protect the cyber-environment and organization and user’s assets.
This means all the above measures must be checked and revisited constantly to ensure their effectiveness and efficiency.
For legal measures are designed to address the legislative challenges posed by criminal activities committed over ICT networks. In so doing, law enforcement must ensure that these measures are conformable to the internationally recognized standards.
Effective implementation of these measures would boost morale of internet users especially with regard to confidentiality, integrity, availability and security of information. This mainly requires the government to put in place strategies encouraging information exchange in order to obtain information regarding cyber threats.
This bespeaks that the government has a major responsibility to enhance the Computer Emergency Response Teams (CERTs) and the Computer Security Incident Response Teams (CSIRTs) that constantly do vulnerability assessment. Moreover, the cyber criminals often take advantage of weakness or vulnerability of computer systems and networks.
The government has enacted relevant laws (e.g. new ICT law) as well as measures to counterattack all cyber threats, including cyber espionage, but this can’t be end of the road. In fact, war against cyber threat can never be underestimated—it is rather a ubiquitous undertaking.
Quite obviously, deterring or mitigating cyber espionage in particular can hardly be achieved without cooperation at regional and international level. It is quite important to stimulate dialogue between regional and international stakeholders.
This enables stakeholders to share their experiences and challenges and then decide how to fix them. More importantly, this approach bolsters information sharing among countries, without forgetting signing agreements for mutual legal assistance to deal with organised cyber criminals.
At the global level, however, the reality is investigations of these cyber-related crimes are generally limited due to lack of international agreements in the ICT field.
The writer is an international law expert.