Cyber threats are taken seriously across the world especially by developed countries and regions. This is because a majority of the countries have invested a lot of money and security formalities in computer technologies. Their major power bases are halted on technological innovation with encryptions that best ensure cyber safety. Regions such as Europe, Asia and Australia are amongst the most invested in cyber space. Nevertheless, Middle-East and African countries are also getting their way into the technological arena to secure themselves bits of cyber space within which they can claim territorial rules and establish protective measures to prevent the cyber threats.
The gaps in this study is to asses and evaluate the cyber threats in the Middle East, Europe, Africa and other regions including the relevant differences in global security outlook across these regions. The paper will also discuss the security competences of these regions in regard to cyber threats. The cultural issues that make cyber security more difficult to deal with in these regions will also be addressed. The regional policies, decision making skills, cyber researches are some of the turning points that will be evaluated to sight how significant the region’s interventions can mitigate cyber security threats.
Key words: Cyber Security threats in Middle East, Europe, and Africa, differences in the security outlook, cultural factors and the regional competences.
Cyber threats are real and have devastating effects in the event that a cyber security is breached. There are cultural contributions towards development of cyber weapons to cause attacks to databases around the world. The technological know-how in different regions gives the gang groups in those regions an upper hand to cause attacks to other organizations and even other countries as was observed in Georgia (Frank, & Brynielsson, 2014). Moreover, cyber hackers can find their ways through the cyber security policies by developing technologies that can remotely and wireless synch through a server and access protected information and then leave the website undetected.
Such instances have widely been brought up to the international community, mandated to develop cyber space policies (Frank, & Brynielsson, 2014). This paper will focus on the cyber threats in the Middle East and Africa, the cultural contributions leading to cyber threats as well as the Effective roles played by NATO and UN in the cyber safety in these regions. The factors that are likely to make a country in these regions ignorant or aggressive towards cyber security will also be addressed.
Cyber Security Threats in Middle East
A study was conducted in 2016 and availed to Saudi Arabia revealing that Middle East was the region faced with the highest numbers of cyber attacks and cyber security threats. The article illustrates that despite the Middle Eastern companies’ efforts to register with cyber security insurance firms as well as venturing into cyber security technological advancements, the companies still lack adequate support from the government, workers and are often betrayed by the program developers by hacking the very system that they were contracted to protect (Huntley, 2010). The challenges are constantly increasing especially with the expanding innovations in the cyber weapons globally. 85% business losses were realized in 2015, secondary to cyber security breaches. This is far much beyond the global average of 79% after all the countries in the world have been combined. The article’s report gazetted in Saudi’s newspaper illuminated that a single company can have as many as 5000 cyber attacks in a year, making Middle East to be ranked as the region with the highest cyber attacks than any other region (Huntley, 2010).
Companies in the Middle East view cyber security attacks as a mere technological failure such that a majority of the crimes go undetected. The approach itself is encouraging cyber threats. Cyber technologists have constantly indicated that a cause of a technological failure must be thoroughly investigated on and be determined before it can be concluded on as a technological failure (Schmitt, 2013).
A misconception that adherence to the expected standards of a cyber security is enough to protect it against cyber attacks is a lie. The cyber security standards form a framework that gives basic guidelines toward implementing security in facilities. It is thus up to the companies to fit into the systems and develop extra security strategies that can keep them totally safe and even give them opportunities of identifying the hackers and triangulating their IP addresses as observed in the European and Western countries (Schmitt, 2013).
The companies have reported little training on employees on how to know and detect cyber threats and attacks. Research has shown that most of the cyber securities attacks can be conducted at the time when employees are available running computer programs without ever noticing. This is a knowledge deficit in this region. The most reported attacks are increased numbers of spam emails and phishing attempts. The same article by Fattouh reveals that close to all cyber threats and weapons have been used in the Middle East with new ones coming into existence on a daily basis (Turner, 2014). Companies in the Middle East are thus urged not only to focus on the used attacks but also to engage in further technological studies of their security gaps that are vulnerable to attacks (Turner, 2014). The companies should also trend with the evolving technology so that they scrutinize an invention in terms of advantages and limitations before inculcating it into the company’s system.
Contributions of Cyber Threats in Middle East
One of the major factors contributing to cyber threats in the Middle East is cultural background. Majority of women in the region lack education and do not fully exploit their expertise in assisting in development of programs that can reduce cyber threats. Research has shown that if only the Arab world gave their women equal opportunities like they gave men, with the natural resources that they have, the region would be one of the post modern in terms of development (Turner, 2014). The ignorance is far much spread to the extent that the few women who are privileged to have little education cannot fully display their skills due to their limitations.
Countries in the Middle East have also taken too much emphasis on religion which is a good thing but in real sense the growth of a country should be holistic just like that of Rome. Ethical studies describe most of the Arabic culture as ‘lazy’. The inference is that most of the Middle Eastern do not have that much of a working culture (Turner, 2014). A typical example is observed in some of the countries perceived as better developed in the Middle East; United Arabs Emirates, has more than 45% of its work force being from other countries around the world. No other country has ever registered that percentage.
The other contributing factor for the cyber threats is the dictatorial systems of governance that is dominant in the Middle East. Some of the victims who have launched attacks, most of which targets the Saudi Arabian government, have responded that the attacks are a part of activism that the true patriots of their countries wants to use in removing the government out of power (Yang, 2014). The ideology is a long short given that most of the Arabic countries are not that much technologically equipped. The attacks could work though especially when they are able to access crucial databases for Saudi Arabian and the government banks. The Irony behind this is that the attacks are not even conducted by the Saudi Arabians themselves. Most of the attacks are traced back to Iran and Iraq, launching an economic war against the Saudi Arabia and Qatar.
Oil and gas is also a major contributor of the cyber threats in the Middle East. The two countries have the largest oil supplies to the international buyers (Yang, 2014). The main reason why the attacks would be prominent is to divert gas and oil supply machines to channel oil to hackers intended directions. Saudi AMERCO and Shamoon are amongst the oil and gas supplying companies which have frequently had malwares dues to cyber attacks (Yang, 2014).
Most of the gang organizations also launch attacks on the Middle Eastern companies so that they can sell confidential information about the companies to the black market. Financial security codes can be hacked and resources diverted to regions where the companies cannot easily trace. It is because of this that the region is considered to be having the most complex cyber laws (Carr, 2011).The updates cyber laws reviewed in 2012 passes even more serious punishments against individuals caught as hackers. They could be jailed for a period not less than 12 years.
Cyber Security Threats in Africa
Africa is said to be the continent in the move and most of the countries currently have access to technology. It is also the continent that is filled with the highest illegal activities across the entire globe (Carr, 2011). For a long time now, impersonations have occurred in circumstances where people who pretend to be well known individuals, ask for critical details such as banks accounts and pin numbers. Due to insufficient information and the ease with which people are duped, massive amounts of money have been lost through such tactics.
The tactics have changed and hackers are directly phishing amounts from people’s account without their approval. For instance, a cyber security report recently revealed that Kenyan businesses are losing close to $147 million annually. The BBC News was able to contact one of the Kenyan computer technologists, who showed him how websites were vulnerable and how companies lacked proper securities (http://www.bbcnews.com). He could quickly access the company’s website and upload his data and leave unnoticed. He reported that most of the companies could go up to one year without knowing that they have been hacked. Most of them realized that only after losing money.
Contributing Factors to Cyber Security Threats
African countries are both behind technologically and education wise. Technology is not given priority as most of the countries are poor. In fact, some of the countries in Africa have areas without telephone lines and communication is still via the traditional means of letters or messengers (http://www.bbcnews.com). Those who get to learn about computing systems do so later in their lives, either in high school or in universities. Still, the education is theory oriented and the computer science students just have basic information regarding such courses. The few who have little insight on cyber threats and security have had the information from international communities and the few are peaked cream rushed for by companies around the countries.
South Africa is the only country so far that has shown tremendous progress when it comes to technology and security pro-actions. South Africa can be ranked at the same level with most of the developed countries in terms of Technology and Cyber security (Ahmore, 2009). If anything, most of their staffs are the CEOs of major communication companies around Africa. For instance, Bob Collimore is a South African citizen managing Safaricom in Kenya, one of the biggest communication networks in the entire East Africa. The mobile company is offering ‘M-Pesa’services which allows sending and withdrawal of money through agents distributed across the country (http://www.bbcnews.com). The company has reported occasional malpractice amongst the staffs that pose major threats to security of the company.
Employees across Africa have limited knowledge when it comes to measures to be taken to reduce cyber threats to a company. Despite the fact that a majority are graduates and qualified for IT jobs, cyber security is still plainly new information to them according to a report revealed by the South African IT team. The report by Graham Crook showed that WIFI system is the worst and countries and institutions that are using public WIFI stand the greatest risks of attacks given that allowed access could potentiate much easier access to servers.
The other cause of vulnerability of the African companies and institutions to cyber threats is government ignorance. Most of the government agencies especially in Ghana take advantage of the situations to fully breach security systems of most citizens Ahmore, W. C. (2009). Other governments of Africa have shown not only recognition but also least prioritization of the entire IT system not knowing that it is one of the most risky sectors in the countries.
Effectiveness of NATO and UN
NATO and UN are international organizations that have brought close to all the countries together with a sole purpose of reducing conflict and ensuring equity and territorial sovereignty. The two organization have enabled countries to jointly come together to discuss matters relating to cyber space (Herzog, 2011). NATO significantly has shown relevant contributions especially in participating in the subduing of the cyber space and development of the cyber security laws. The UN has provided forums where countries with complaints can effectively raise them and issues tackled according to the best knowledge (Herzog, 2011).
UN has also participated in protecting the rights of the developing countries so that they are not overlooked in the due process of dividing the cyber space. NATO and UN have collectively stopped the influence of larger economic countries to dominate the cyber space as has been the goals of most countries. The two organizations have taken the leading step in spotting gaps that exists within countries and advised on the means to improve and even stop cyber security attacks so that the millions of money lost can be avoided (Herzog, 2011).
In a decade to come, NATO and UN shall have reviewed better cyber laws that functions to mitigate any form of conflicts that might arise between countries. New technological innovations shall by then be adopted and some of the current laws and regulations will become obsolete. It is the duty of these two organizations conduct adequate research and constantly become updated with the new technologies (Ohlin, Govern, & Finkelstein, (Eds.), 2015). Most of the developing countries will by that time have increased awareness on matter relating to cyber crime and it is the role of the UN and NATO to give adequate orientation and guidelines to such countries especially on the significance of respecting other countries cyber space. The UN and NATO monitor and regulate any efforts by the large economies to dominate the cyber space.
Why Some Countries Lack Interest on Cyber Issues?
Most of the developed countries have taken cyber security with a lot of seriousness given that their fate is mainly defined by technology. Such countries like USA, Russia, China, Japan India and UK are amongst the countries with more complex cyber security concerns. Nevertheless, developing countries have shown very little priority of the cyber security (Ohlin, Govern, & Finkelstein, (Eds.), 2015). Research has shown that the cause of such eventuality is the state of economy that these developing countries have. Cyber security is a major concern and requires billions of dollars to be established and manned. Most of these countries cannot afford such kinds of money when the majority of its citizens live below a dollar on a daily basis (Ohlin, Govern, & Finkelstein, (Eds.), 2015).
The systems of education in both Middle East and Africa are still not delivering the expertise training that mainly instils the skills of cyber security. This has led to massive shortage of the cyber security personnel to help n reducing some of the cyber threats in the regions. Poor governances across these regions are also contributing factors to such reluctance in cyber security (Ohlin, Govern, & Finkelstein, (Eds.), 2015). The corrupt leaders especially in Africa are always looking for loop-holes to siphon the national resources are will use any political influence at their disposal to pass regulations that will block such paths. The national budget keeps rising and the utilization of the money is for the few and by the few.
IT is given a lesser priority given that most of the regions have not even had electricity lines for the start. Food is the main objective of these communities which eat from hand to mouth. It is not their fault but that of the faulty governments which encourage embezzlements of funds instead of utilizing them effectively to bring long lived change in the lives of the citizens.
What can be done?
UN, NATO and other international organizations should step in the process of creating awareness and improving computer literacy in the young African people. The organizations should work hand in hand with the AU to ensure that corrupt leaders who have refused to step down or give chance to other better leaders are not condoned in the continent (Carr, 2011). Food crisis is a real factor and of course it comes first even before technology. Better farming skills and technologies should be share with these African countries whose major output are agricultural materials (Wei, Lu, Jafari, Skare, & Rohde, 2010). Technological awareness creation and investments in the continents should be highly encouraged.
Cyber security threats can cripple a good company back to zero. Hackers exploit any available opportunity that they see at any time. This call for extra-vigilance protocols that can ensures that the companies are safe at whatever time of day and night. UN and NATO should champion the process of ensuring equity at all times in subdue of the cyber space. The two organizations are the largest in the world and should implement the democratic rule of the many. Employees and cultural behaviours have so much contributed to the increase in the cyber threats and the countries in the Middle East and Africa must take effective approaches towards empowering their women who are the majority according to the Census done in 2010.
Frank, U., & Brynielsson, J. (2014). Cyber situational awareness-a systematic review of the literature computers and security, 46, 18-31.
Huntley, T. C. (2010). Controlling the use of force in cyber space: The application of the law of armed conflict during a time of fundamental change in the nature of warfare. Naval L. Rev., 60, 1.
Schmitt, M. N. (2013). Tallinn manual on the international applicable to cyber warfare. Cambridge University Press.
Turner, R. (2014). Tackling the DDoS threat to banking in 2014. White Paper of Akamai.
Yang, G. (2014). Political contestation in Chinese digital spaces: Deepening the critical injury. China Information, 28(2), 153-144
Carr, J. (2011). Inside cyber warfare: Mapping the cyber underworld. “O’Reilly Media, Inc.”
Ahmore, W. C. (2009). Impact of alleged Russian cyber attacks. ARMY COMMAND AND GENERAL STAFF COLL FORT LEAVENWORTH KS SCHOOL OF ADVANCED MILLITARY STUDIES.
Herzog, S. (2011). Revisiting the Estonian cyber attacks: Digital threats and multinational responses. Browse Download This Paper.
Ohlin, J. D., Govern, K., & Finkelstein, C. (Eds.). (2015). Cyber war: law and ethics for virtual conflicts. OUP Oxford.
Wei, D., Lu, Y., Jafari, M., Skare, P., & Rohde, K. (2010). An integrated security system of program.