In May 2022, the President of Costa Rica said his country was “at war” as cyber-criminals caused major disruptions to the IT systems of multiple government agencies, demanding a US$20 million ransom. Indeed, cyberattacks have the potential to jeopardize the efficient running of multiple state-IT systems and place the development process at huge risk. The most vulnerable in this regard appear to be developing countries with relatively weak surveillance and defensive capacities. We discussed this issue with several international development experts. Check out their opinions in this article.
Key Takeaways:
- Despite global efforts, the number of cyberattacks grows each year, targeting both industries and governments
- Poorer nations have weak cyber-security infrastructure, low inter-agency coordination and emergency responses as well as weak institutional capacity, limited ICT skills and awareness, and limited protection of critical national infrastructures
- Low-income states are targeted by both money-driven attacks (such as ransomware), and serve as training grounds for criminal groups in preparation for more ambitious attacks in developed countries
- Whilst developed nations strongly adhere to bug bounty programs and assist poorer nations to protect their national infrastructure and government systems, developing countries are still more vulnerable in this regard
- While the digitalization process in developing countries accompanies and facilitates progress in a number of key areas, these opportunities come with significant risks that could jeopardize the development and stability of poorest nations
What is the impact of poor cyber-security on the development of the poorest nations? How can governments fight this?
“Cyberattacks are perpetrated by state and non-state actors such as corporate competitors, hacktivists, organized criminal groups, opportunists and company insiders. It is now commonly known that governments are also behind cyberattacks, effectively using technology as a weapon against adversaries even in times of peace. Poorer nations have weak cyber-security infrastructure, low inter-agency coordination and emergency responses as well as weak institutional capacity, limited ICT skills and awareness and limited protection of critical national infrastructures. Cyber-attacks can thus lead to the destruction of critical network infrastructures and services, the loss of financial resources, reputational risks and heightened tensions and conflict between states or within a state. There is need to sensitize the population and raise awareness on ICTs, cybersecurity capacity building and confidence building measures. There is a need to ensure multi-stakeholder engagement amongst civil society, the private sector, academia, and technical communities. This will contribute to cybersecurity readiness and resilience and promote the development of poorer nations.”
“When it comes to the adoption of technology in developing countries, this is often market-driven, and often the cheapest viable option is considered. This offer, however, is highly likely not to be the most secure. Here are some factors that impact the security situation of an organization:
1. Information technology develops at a very fast speed – we replace our own personal devices every 2-3 years. However, when it comes to many of the connected devices in government setup and enterprises, many of the devices remain for 10-15 years. Having outdated software and hardware may introduce vulnerabilities in the system.
2. The number of state-led attacks is growing. Supply chains are globally connected and sometimes may be deliberately compromised. We have seen geopolitical tension around 5G for example, where countries are divided when it comes to the procurement and deployment of 5G equipment based on the country of origin of the equipment.
Given this context for the development of the poorest nations, we should be cautious and careful when making architectural choices for designing services for citizens. We should choose open and standardized technology solutions. Regular security exercises and awareness months should be organized for improving the security situation. Procurement for high-risk sectors and connected devices should be followed against guidelines.”
“In recent years, developing countries have experienced an exceptional increase in their exposure to information technologies, both in the digitization of public services and private enterprises and in the rapid dissemination of cell phones across their populations. This digitalization process accompanies and facilitates progress in a number of key areas and supports development goals across the social, political, and economic dimensions. However, these opportunities come with significant risks that could jeopardize the development and the relative stability of the poorest nations. Cyberattacks have become increasingly widespread worldwide and hackers find ideal targets in developing states. As such, the poorest nations are both targeted by money-driven attacks (such as ransomware) and serve as training grounds for criminal groups in preparation for more ambitious attacks in developed countries. Other risks faced by certain developing countries compound the potential consequences of cyberattacks. This is especially true in countries vulnerable to climate change (drought, wildfires) which rely heavily on the proper functioning of water facilities, or to countries that are already targeted by armed groups (Sahel, Mozambique), which could use cyberattacks to destabilize or paralyze critical public institutions. To ensure that information technologies remain an asset rather than a threat to states with weaker cyber-security capacities, it is crucial to build a strong formal and legal framework to secure critical infrastructures and the essential services they provide to populations. International and regional institutions (such as the Economic Community of West African States and the Southern African Development Community in Africa ) have a role to play in this framework as a platform for dialogue, standardization and the facilitation of competence transfers between states.”
“As information becomes more and more accessible via digitalized services, people in developing countries can only benefit. However, there is a great need to protect information and networks from abuse, misuse or unauthorized access by securing information against cyber threats. Efficient and timely policies, protective measures, compliance, and enforcement mechanisms need to be put in place in order to safeguard information in developing countries. According to Kaspersky Labs, seven of the top 10 countries targeted by Trojans designed to steal passwords were developing countries, which accounted for 92% of such Trojans globally. Cyber-crime’s footprints across the developing world are becoming more and more frequent. A number of developing countries are experiencing rapid broadband growth. Analysts argue that increased penetration of broadband in developing countries is likely to make these countries a fertile ground for hackers.”
See also: How can digital governments advance global development and democracy? | Experts’ Opinions
Check out more than 180 job opportunities in the Information & Communication Technology sector here.
