Trending News

Navigating the Cyber Frontier: Safeguarding Our Digital World Amidst Technological Advancements

Source: Nicolinn Nana Adjowa Kwaw

Navigating the Cyber Frontier: Safeguarding Our Digital World Amidst Technological Advancements
MarryRight Ghana

The world is evolving with technology, trains of thoughts of new ideas keep coming up in the technology fraternity. As much as these ideas are intriguing to sight and may be convenient to solve problems with click of a button, it is also of equal importance to note that the use of tech devices including mobile phones, laptops, desktop computers, any electronic systems or networks by individuals or organizations can be prone to cyber threats. By limiting cyber threats to companies with large infrastructures and government boards amongst others, we overlook the facts that just any device having access to the internet is susceptible. Therefore, as data breaches become more pervasive in our interconnected world, so must our understanding of modern-day cyber-attacks. 

Join me on this exploration of the modern cyber-landscape, where I aim to shed light on the pressing need for vigilance and awareness in an era where the lines between the digital and physical worlds become increasingly indistinct. While technology continues to reshape our world, it's essential to recognize that the dangers evolving alongside it are equally dynamic.

Across Ghana, online financial transactions have become popular because of the masses connecting digitally through online banking services and mobile wallets. However, while we engage in these transactions and receive payments there may be a potential risk of cybercrime. According to Dr Antwi-Boasiako who is the Director-General of the Cyber Security Authority, speaking at the media launch of the National Cybersecurity Awareness Month in Accra mentioned that statistically, Ghana has recorded GH₵49.5 million direct financial losses through cyber fraud activities between January and June, this year. The figure constituted only a fraction of cases that were reported to the state agencies while financial losses of unreported cases could exceed the amount reported.[1]

Cyber is a prefix that denotes a relationship with information technology (IT). Anything relating to computing, such as the internet, falls under the cyber category. Cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks.[2] Cyberattacks are unwelcome attempts to steal, expose, alter, disable or destroy information through unauthorized access to computer systems. For cybersecurity threats, you are at a risk of encountering a cyber-attack. To wit, one must develop threat intelligence to fight attacks that may cause total loss of data, breaches of personal information of clients and other consequences.

Types of Cyber threats

The threats countered by cyber-security are three-fold:

  • Cybercrime:  Cybercrime refers to any crime that involves a computer and a network. Cybercrime is the use of Internet attacks in criminal activities. These criminal activities exploit vulnerabilities in the digital realm and can have various motives, including financial gain, personal pleasure, political objectives, or malicious intent.
  • Cyberterrorism: Cyberterrorism, in general, can be defined as an act of terrorism committed using cyberspace or computer resources (Parker 1983). Cyber terrorists use cyberattacks and hacking techniques to disrupt critical infrastructure, cause widespread damage, steal sensitive information, or spread propaganda with the aim of achieving their objectives.
  • Cyber-attack: This is the use of Internet attacks in criminal activities, including acts of deliberate, large-scale disruption of computer networks, especially computers of personal use attached to the Internet, by the means of tools such as computer viruses.[3]

How are cyber threats executed? 

The following are some of the methods used by cybercriminals, attackers, or terrorists to initiate their activities to advantage of vulnerable systems. Cybersecurity has become a growing concern to the nation, the preponderance of cyber threats against many enterprises, individual users of tech devices and what have you. 

  • Malware: This is a malicious software that has been designed to cause disruption to a computer system and gain unauthorized access to information or systems, depriving users access to information or which unknowingly interferes with the user's computer security and privacy. It is often spread via an unsolicited email attachment or legitimate-looking downloadable links. Once the malware is installed, it can monitor user activities, send confidential data to the attacker, and assist the attacker in penetrating other targets within the network [4]. The most common types of malwares include viruses, worms, trojans, ransomware, bots or botnets, adware, spyware.
  • Phishing: This is a social engineering attack in which cyber criminals trick victims into handing over sensitive information or installing malware. Cyber-attackers send fraudulent correspondence that seems to come from legitimate sources, usually via email. The email may urge the user to perform an important action or click on a link to a malicious website, leading them to hand over sensitive information to the attacker, or expose themselves to malicious downloads.
  • Denial-of-service attack: The objective of a denial of service (DoS) attack is to overwhelm the resources of a target system and cause it to stop functioning, denying access to its users. It is also a method used by cybercriminals to prevent a computer system from fulfilling legitimate requests by overwhelming the networks and servers with traffic. This renders the system unusable, preventing an organization from carrying out vital functions.
  • Advanced persistent threats (APT): When an individual or group gains unauthorized access to a network and remains undiscovered for an extended period of time, attackers may exfiltrate sensitive data, deliberately avoiding detection by the organization’s security staff. APTs require sophisticated attackers and involve major efforts, so they are typically launched against nation states, large corporations, or other highly valuable targets.
  • Online Fraud: Cybercriminals engage in various forms of online fraud, such as e-commerce fraud or even fake investment schemes. They create fake websites or online marketplaces to deceive individuals into making payments for goods or services that are not in existence.

The Relationship Between Cybercrime and Anti-Money Laundering(AML)

Cybercrime and Anti-money Laundering are two interconnected aspects in relation to financial crimes and illicit activities. According to the International Monetary Fund (IMF), money laundering requires an underlying, primary, profit-making crime (such as corruption, drug trafficking, market manipulation, fraud, tax evasion), along with the intent to conceal the proceeds of the crime or to further the criminal enterprise.[5] These criminals disguise the original source of the proceeds for it to appear on the face of records as legitimate.

Anti-money Laundering in simplest terms refers to laws that prevent the use of illicit funds as legitimate funds. Most financial institutions have set up Anti-money laundering to achieve compliance with the legal requirements to actively monitor for and report suspicious activities.

AML upon its set-up in these institutions play an important role that when effectively implemented will mitigate the adverse effects of criminal economic activity and promotes integrity and stability in financial markets.

Anti-Money Laundering has received statutory blessings by the enactment of the Anti-Money Laundering Act 2020 (Act 1044) which has intensified Ghana’s efforts towards the fight against money laundering. Pursuant to Section 1 of (Act 1044), “a person is charged with the criminal offence of money laundering if, the person knows or ought to have known that a property is or forms part of the proceeds of unlawful activity and the person (A) convert, conceals, disguises or transfers the property for the purpose of (i) concealing or disguising the illicit origin of the property or (ii) assisting any person who is involved in the commission of the unlawful activity to evade the legal consequences of the unlawful activity. (B) conceals or disguises the true nature, source, location, disposition, movement or ownership of, or rights to, the property or ( C) acquires, uses or takes possession of the property knowing or suspecting at the time of receipt of the property that the property is or forms part of the proceeds of unlawful activity.”

The Act imposes stringent sanctions for various money laundering infractions in the form of fines and imprisonment subject to Section 4 of (Act 1044). An individual who commits money laundering is liable on summary conviction to a fine not less than 100% and not more than 500% of the proceeds of the crime and in the case of a corporate entity, a fine of not less than 300% of the proceeds of the crime, also a term of imprisonment of not less than twelve months and not more than ten years. The Financial Intelligence Centre is established under the AML Act 1044 to assist in the fight against money laundering, tax evasion, financial terrorism and any other unlawful activity. As part of its functions, the FIC must collaborate with investigating authorities and security and intelligence agencies. The Centre is also authorized to share information with foreign counterpart agencies that perform similar functions.[6] 

The Securities and Exchange Commission (SEC) is one of the Supervisory Bodies in the Financial Sector which is empowered by the AML Act 1044  to assist Capital Market Operators (CMOs) to comply with all the AML legislation. The Securities and Exchange Commission is a body responsible for regulating, innovating and promoting the growth and development of an efficient, fair and transparent securities market in which investors and the integrity of the market are protected. A successful anti-money laundering program involves using data and analytics to detect unusual activities. This is done by monitoring transactions, customers and entire network behaviours.

Through cybercrimes, money can be laundered. Cybercriminals often generate illicit proceeds through various cyber activities such as hacking, identity theft, phishing and online fraud. When that happens, the proceeds or gains need to be laundered to appear genuine.

Cybercrime and anti-money laundering are closely related because cybercriminals often rely on financial systems to launder their illegal proceeds and AML regulations are designed to detect and prevent such activities. As cybercrime continues to evolve, AML measures need to be more effective to address the challenges posed by these illicit financial activities.

Conclusion

Our present environment is characterized by an elevated risk of cyber threats. This heightened vulnerability is a direct result of the pervasive use of technology, which has greatly facilitated online business activities but has also left us more exposed to cybercriminal activities. The frequency of individuals falling victim to these threats is steadily increasing day by day. It is essential that we promote cyber threat awareness through accessible educational materials. Also, the educational materials should be in multiple languages of the local dialect and advocate for companies to prioritize cybersecurity.