African financial institutions and governments incurred a massive $3.5 billion loss to a wave of cyber-crime attacks in 2017, a new survey released on Tuesday disclosed.According to the 2017 Cyber Security Survey, Nigeria led the pack losing $649 million, followed by Kenya at $210 million, Tanzania at $99 million, Uganda at $67 million and Ghana at $54 million.
The survey pointed out that banks and financial institutions in 10 of the African countries surveyed lost $248 million in 2017, with governments losing $204 million.
“The 2017 Cyber Security Survey shockingly reveals that over 95 percent of African businesses are operating below the cyber ‘security poverty line’, William Makatiani CEO Serianu Limited said in Nairobi.
According to the report by Africa-based Serianu, an IT services and business consulting firm, 2017 was particularly a tough period for local organizations with respect to cyber security.
“The number of threats and data breaches increased with clear evidence that home-grown cyber criminals are becoming more skilled and targeted,” the survey pointed out.
The survey warns that Small and Medium Enterprises (SMEs), which create around 80 percent of the continents jobs, face an eminent threat from cyber-attacks, due to lack of adequate cyber security controls.
“Our research reveals that that the most vulnerable SMEs are those in the financial sector such as cooperatives, Sacccos, microfinance institutions, Fin-tech service providers and mobile money transfer services,” noted the survey.
The survey gives the example of the 2017 Ransomware attack, where many African cyber security professionals were contracted by established organizations.
“At the height of the crisis, the small cyber security professionals’ talent pool was snapped up by huge multinationals that offered better incentives. This left the vulnerable SME sector completely at the mercy of cyber criminals.”
The report further r noted that SMEs in Africa are facing several challenges such as prohibitive cost of cyber security solutions, added the survey.
It has become prohibitive for these companies to adopt complex cyber security frameworks, further noted the survey, which called on African governments, consultants, and academia to find cheaper and practical ways to address the continents cyber security challenges.