Cyber-crime: Ghanaian perspective
ICT has become a crucial development tool in developing countries, despite challenges such as limited resources and education.
Online portals in education and Hospital Management Systems in health care have increased technology usage among students and medical professionals.
Advertisement
Ghana's banking industry utilises technology for convenient access, while drone applications and irrigation techniques improve agricultural yield.
Creative arts in Ghana benefit from software, digital music stores and social media apps, increasing Internet penetration and income generation.
Ghana is the first sub-Saharan African country to achieve full Internet connectivity and has a high number of mobile and Internet users.
With 16.7 million mobile subscribers, 15.1 million smartphone users, and 10.7 million mobile Internet users, Ghana had the highest mobile penetration in West Africa at 55 per cent by the end of 2019.
This growth benefits the digital economy and has led to increased technology use, with 16.99 million Internet users and a 53 per cent penetration rate.
Advancements in technology and the Internet have created a new world without visa requirements and where the physical world behaviours are exported.
Advertisement
Computers and the Internet were created to simplify life and work, but cybercrime is now a major threat.
ERP software streamlines business processes, but digital devices are still vulnerable to exploitation.
Cybercrime is a growing concern as technology advances.
Attackers
Cyber attackers can be classified based on their motivations, actions and level of sophistication.
Advertisement
They seek access to devices for various reasons, such as stealing processing power or information, weakening network performance or extortion.
They can work independently or as part of larger organisations such as nation-state intelligence agencies or criminal groups.
In 2022, the Canadian Centre for Cyber Security identified various cyber threat actors and the reasons behind their actions.
Advertisement
Nation-States/Espionage: Some countries use cyber threats to achieve their geopolitical objectives, even without a developed cyber programme.
State-sponsored actors engage in activities such as espionage, disrupting critical systems, and building networks of compromised devices for further attacks.
They may also have relationships with private sector entities and organised criminals.
Advertisement
Cybercriminals are motivated by money.
They vary in skill level and some have planning and support functions to target many victims.
Illegal online markets provide access to sophisticated attack tools.
Hacktivists use simple tools and have less skill than organised cyber criminals.
They cause reputation damage and sometimes financial and physical harm.
Advertisement
Terrorists and thrill-seekers also engage in this type of cyber threat.
Insider threats are employees who pose a risk because they have access to protected internal networks.
They may steal proprietary information for personal, financial or ideological reasons.
Advertisement
Cybercriminals
Cybercriminals use various methods to execute attacks on business-critical systems.
Among these include but are not limited to:
Malware is a harmful software that can harm computer systems.
Examples include worms, ransomware, trojans and spyware.
Other malware includes Botnet, Rookit, etc.
To avoid attacks, use strong antivirus and firewalls, and avoid clicking on suspicious links.
Social Engineering is a form of deception used to gain sensitive information to enable one to access or manipulate a system.
Phishing attacks, which use fake emails or websites to obtain passwords and credit card details are a common example.
Password attacks are attempts to guess or crack passwords to access a system or network.
Prevention includes using strong passwords with special characters, avoiding repeating passwords, and not leaving password hints in the open.
Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks - Malicious attacks overload networks to cause shutdowns by sending too many packets than they can handle to exhaust their resources and bandwidth.
Man-in-the-middle (MitM) attacks: A MitM attack is when an attacker intercepts communication to steal data, modify messages or impersonate a party.
To prevent man-in-the-middle attacks, use encryption on devices and avoid public Wi-Fi networks.
Cybercrime is a serious offence that should not be justified.
It's a growing problem in Ghana, with many people thinking it only refers to cyber fraud.
This perception makes it difficult to address cybercrime.
Here are some common forms of cybercrime:
Cyber fraud: In Ghana, cyber fraud makes up 45 per cent of all cybercrime cases, where people are tricked into giving money or services illegally through the Internet.
Unauthorised Access (Intrusion): Unauthorised access is when criminals attack digital and networking systems without authorisation to steal resources, gather information, disrupt activity, or cause damage.
Examples include hacking, data breaches and website defacement.
Ghana has experienced various attacks on government and media websites.
Cyber violence includes stalking and bullying through electronic means.
The act of using the Internet or electronic devices to stalk or harass an individual, group, or organisation is known as cyberstalking.
Cyberbullying is the use of digital technologies to intentionally and repeatedly harass and cause harm to another person.
These practices are common due to ineffective law enforcement.
Charlatanic adverts: the publication in any journal or newspaper of any advertisement or notice relating to fortune-telling, palmistry, astrology or the use of any subtle craft, means or device sought to deceive or likely to deceive any member of the public.
Charlatanic adverts in Ghanaian newspapers are criminal and punishable by law.
Fake news to endanger life and property – news or stories created to deliberately misinform or deceive readers.
Fake news in Ghana is illegal, as it intentionally misinforms or deceives readers.
Indecent Image of a Child/Sexual Exploitation- any visual depiction of sexually explicit conduct involving a child which includes a photograph, video, digital or computer-generated image indistinguishable from an actual child and an image created, adapted, or modified but appeared to depict a child.
Others include: Digital/Cyber extortion, Cyber laundering, cyber terrorism, Crypto-jacking, Espionage, Stealing, unauthorised modification, identity theft, etc.
In Ghana, the traditional '419' methods haves been replaced by Cyber fraud, which includes the following:
Romance scam involves criminals using fake online identities to gain victims' trust and manipulate them into sending nude photos, demanding money and threatening to publish them if demands aren't met.
Shopping scams increase as electronic commerce becomes prevalent, where people shop online and make payments expecting product delivery but turns out to be a deception.
Gold scams involve presenting fake gold photos and videos, often containing gold-plated tungsten.
They convince victims to provide large amounts of money for transporting the gold to Accra.
Once they receive the money, they use excuses to delay delivery, claiming more money.
They also export small quantities to gain trust and supply larger quantities.
Once the trust is gained, they demand large sums of money, leaving victims frustrated.
MoMo fraud involves fraudulent acts against MoMo users using deception to deceive victims into parting with money.
Examples include Raffle Schemes, Long Service Award Schemes, False SMS and Sick Child Schemes.
These schemes involve deceiving victims into believing they won a raffle or received an award, and requesting money to settle hospital bills.
Unsuspecting victims may end up sending their own money to the fraudsters.
Police arrest schemes, romance schemes, transaction reversal, and spiritual schemes, are all carried out on social media.
Prevent
To prevent cybercrime, individuals should use strong passwords, keep software up-to-date, use antivirus software, be cautious when clicking suspicious links, enable two-factor authentication, protect personal information, back up data, educate themselves, secure their home network with strong passwords and encryption, and report cybercrime to authorities.
Regularly back up data and stay informed about the latest threats to protect yourself and your online activities.
The writer is an investigator with INTERPOL Ghana and a Cybersecurity Professional.
E-mail: shaibubaba80@gmail.com