The rate at which ICTs have advanced has resulted in increased cyber-attacks, computer, and network security breaches, Dr. Gift Machengete, the Director-General of the Postal and Telecommunication Regulatory Authority of Zimbabwe (POTRAZ) has said.
Dr. Machengete made the remarks during the virtual Forum of the World Summit on the Information Society (WSIS) 2021’s High-Level Policy Session 5 under the theme: Building Confidence and Security in the Use of ICTs that was held yesterday.
He said cyber criminals hack economic institutions, government websites, and power infrastructures, in order to steal or extort money or advance an ideological agenda.
Reported intrusions on government computer systems, networks, and websites for both developed and developing countries, he said, are enough to scare governments from adopting new telecommunications applications.
A look at WikiLeaks releases of leaked sensitive information shows the gravity of cyber threats. Publicized attacks in entities that are well-versed in technology, such as Equifax, eBay, Adobe, Yahoo, Facebook, and Google, can make any ordinary person reluctant to connect to the internet or use cloud storage facilities, let alone adopt emerging technologies and applications.
For governments, the greatest fears emanate from the threats of cyber terrorism, data breaches, espionage, and human error by employees. Fear of Cyber-terrorism, keeps every nation more alert than the possibility of an attack by a physical army, as the former can be executed at the click of a button, with consequential damage to organizations and individuals, while the latter can easily be spotted coming.
For corporate entities and businesses, the fears include competitor-driven hackings designed to steal business secrets, sabotage, and spying by competitors, in order to gain strategic advantage.
For individuals, the fears of identity theft, theft of passwords, fraud through access to bank accounts, breach of privacy, tracking of personal activity and information by tech giants and governments, technophobia, form a composite of fears.
Fears by older persons deserve special mention, as they form a psychological barrier to the adoption of ICTs. Some of them fear that they may not be skilled enough to use a particular technology and therefore steer clear of it. This explains the reluctance of some older persons to use social media.
Given these fears, Dr. Machengete said we have seen Government Departments lagging behind in computerizing their records and transaction systems, thereby continuing to use manual record systems to store data.
“For businesses, the worry that data breaches may occur due to electronic data storage, as well as electronic transactions, is not taken lightly. This is in view of the heavy fines that are levied by regulators on institutions such as Banks, Hospitals, Schools, and other businesses when a data breach occurs. Damages that can be claimed by individuals against entities in whose hands their personal data is illegally accessed make things worse. Hearing that large entities were hacked at some point makes smaller entities and governments even more reluctant to embrace technology.
“Stories about bank records and hospital records being dumped on the internet for all to see would give any ordinary person, or individual, technophobia. Individuals also fear personal information tracking by their governments and employers, as well as artificial intelligence. In this regard, they fear drones, robots, and home surveillance technology. Public reports concerning the Cambridge data analytical scandal, the Commonwealth Bank‘s loss of customer financial accounts for 20 million accounts, and the running down of a pedestrian by a self-driven car in Arizona, also exacerbate these kinds of fears,” Dr. Machengete said.
He said there are a number of ways and solutions that can be used to allay these fears and avert attacks, thereby building confidence and security in the use of ICTs.
For governments, he said the training of Government Officials on how to protect their ICT systems can improve the situation. Such training includes training on password rules, as passwords are the first line of defense against a breach. The use of secure and sophisticated hardware, as well as robust anti-virus solutions, can help not only allay fears of Cyber terrorism, data theft, and any breach of privacy, but also provide real protection.
Overall, fears for both government and corporates can be reduced through monitoring of data assets, creating an effective risk plan, which is well known and owned by employees, enforcing security protocols, providing firewall security, securing Wi-Fi networks, limiting employee access to data, and updating protective solutions, as technology improves and changes. These measures can help governments and commercial entities, as well as individuals
Dr. Machengete said for individuals, the biggest measure other than technical measures that policymakers can take, to build trust and confidence in the use of ICTs, is to have a strong and robust legal framework that can protect users.
He said perhaps the biggest confidence booster would be to ensure that the level of knowledge is synchronized from the current asymmetry between those that create and use emerging technologies and, those that regulate the technologies.
Having a robust legal framework gives assurance to users that they are protected online, the same way they are protected offline.
“In Zimbabwe, the draft Cyber Security Bill and a Data Protection bill, are essential for building trust in the use of ICTs. We have also commissioned a sizable local Data Centre and a Regional Internet Exchange Point, which gives assurance to users of telecommunication/ICTs that their personal data does not get exported. Furthermore, the country is in the process of setting up a National Computer Incidence Response Team.
“This should go a long way in building confidence and security in the use of ICTs in Zimbabwe, and other administrations may be well advised to do the same. I will leave you with one point of advice. It takes many years to build a business, a country, a customer base, a reputation, and respect, but it can take just one cyber-incident, to destroy it all, if we do not take cybersecurity seriously,” Dr. Machengete added.