Africa's Cyber WMD

Think that Russia and China pose the biggest hacking threats of our time? The virus-plagued computers in Africa could take the entire world economy offline.

BY FRANZ-STEFAN GADY | MARCH 24, 2010

Imagine a network of virus-driven computers so infectious that it could bring down the world's top 10 leading economies with just a few strokes. It would require about 100 million computers working together as one, a "botnet" -- the cybersecurity world's version of a WMD. But unlike its conventional weapons equivalent, this threat is the subject of no geopolitical row or diplomatic initiative. That's because no one sees it coming -- straight out of Africa.

Cybercrime is growing at a faster rate in Africa than on any other continent in the world, according to statistics presented at a conference on the matter in Cote D'Ivoire in 2008. Cybersecurity experts estimate that 80 percent of PCs on the African continent are already infected with viruses and other malicious software. And while that may not have been too worrisome for the international economy a few years ago (just like the continuing war in the Democratic Republic of the Congo does not affect our daily lives), the arrival of broadband service to Africa means that is about to change. The new undersea broadband Internet cables being installed today will make Africa no further away from New York than, say, Boston, in the virtual world.

Broadband Internet access will allow Africa's virus and malware problems to go global. With more users able to access the Internet (and faster), larger amounts of data can be transferred both out and inward. More spam messages in your inbox from Africa's email fraudsters will be only the beginning.

Here's how the most alarming scheme could work. From a central hub, computers across the continent could be taken over, often without the knowledge of their owners, and set up to forward transmissions (including spam or viruses) to other computers online. These new zombie computers, or "bots" (as in robots), serve the wishes of some master spam or virus originator. "One botnet of one million hosts could conservatively generate enough traffic to take most Fortune 500 companies collectively offline," Jeffrey Carr writes in his book Inside Cyber Warfare. "A botnet of 10 million hosts could paralyze the network infrastructure of a major western nation." The African continent, home to almost 100 million computers, would be a top target for botnet herders, with devastating results.

Why Africa, of all places, when surely there are computers to hack elsewhere? In short, because the continent is home to the world's most vulnerable computers. About 80 percent of the African population lacks even rudimentary knowledge of information technologies, according to a recent World Bank survey. Though Internet cafes are widespread, providers often cannot afford proper antivirus software, making computers very easy targets for skilled botnet operators and hackers.

TONY KARUMBA/AFP/Getty Images

 

Franz-Stefan Gady is an analyst at the East West Institute, which will host the First World Wide Cybersecurity Summit in Dallas, Texas, in May 2010.

Facebook|Twitter|Reddit

GIGGLINGBOB

7:54 AM ET

March 26, 2010

Cyber Xenophobia

First and foremost I feel the writers arguments for a potential "african WMD" are extremely weak and based on generalizations and rather poor statistics. Possibly just a bit of xenophobia as well.

It also seemed rather condescending towards Africa in general. The basis of this article seems to say that Africans are too stupid to protect themselves and the rest of the world, but that they are smart enough to run sophisticated hacking attacks across the globe. Seems contradictory.

Everything I would say in response to this article has already been said:

Blurring Borders » Blog Archive » Are Computers in Africa Really Weapons of Mass Destruction? http://bit.ly/9nN73H

Subsaharska - African Cyber WMD? Really? http://bit.ly/9Ud7DR

I would suggest the author give them a read.

 

GRANT

9:51 PM ET

March 26, 2010

It is entirely possible but I

It is entirely possible but I personally think it unlikely. I'll admit I could be entirely wrong, but I have some faith that technologies for internet use will follow general trends and advance sufficiently.

On another note Gigglingbob those are genuine concerns with some justification. What was said was that much of Africa is not educated in how to securely use the internet. My experience and conversations with people who worked to help set up businesses there agreed with that. They were fully capable of searching for data and the like, but they also might click on those "shoot the duck" or "sexy women waiting for you" ads. Furthermore, it does not take many people (or even more than one) to set up a botnet.

 

JOHNBRAGG

9:51 AM ET

March 28, 2010

What is missing is motivation

The Internet as a system or network is pretty good at repairing damage. If the botnets are just run by vandals, then they will amount to Internet "bad weather" and cybersecurity will keep pace or catch up.

If the botnets are run by people with a purpose, then you have to consider how taking down the Internet would make a Russian-Bolivian-Salvadoran hacker running a mostly-African botnet through a fake Denver IP address would profit from the scam.