Cyber-security in developing

countries

GEK1531 Introduction to Cybercrime (Sem 2/2015)

Kuek Jing (Group 14)
A0111098L

Context

Technological progress does not stop at

developed countries

Developing countries benefit by adapting and

absorbing foreign technology

Technological progress brings about negative

impacts to both developing and developed
countries

Prevalence of cyber criminal activities in developing

countries due to lack of regulatory infrastructure
Negative impacts might then spill into developed
countries

Developing countries - Background

Developing countries tend to have lower cybersecurity

According to a Microsoft report,
developing countries have
relatively lower cyber security
compared to developed
countries
The growth rates of Malware
correlates with the lack of
cybersecurity capabilities
Graph illustrates the following:
Developing countries have
higher Malware rates relatively
compared to developed
countries

Developing countries - Background

Some possible reasons for increasing

cybercrime in developing countries:

Increasing Internet penetration and vulnerabilities

Increase in internet penetration not met with increased

cybersecurity capabilites.
Open to exploitation by cybercriminals

Developing countries - Background

Some possible reasons for increasing cybercrime

in developing countries:

Low education level

Not adequately educated regarding cyber-related issues

such as negative impacts of cyber crime
Priority thus given to benefits of technology and neglecting
the security aspect

Low Gross Domestic Product (GDP)

Inability to update/purchase relevant software for cyber

protection
Incentive to partake in cybercrime due to opportunity to
profit

Developing countries Rampant issues

Industrial
Espionage

Communications
Eavesdropping

Target lack of
cybersecurity
infrastructure in
developing countries
Theft of confidential
& valuable
information
Deters investors,
Impedes economic
growth

Increased use of
GPRS in developing
countries
Exploitative Hacking
of GPRS to
eavesdrop on
mobile data
communication
Packet Sniffing,
which allows
hackers to capture
and analyze network
traffic, obtaining
data

Computer Hacking
Case in point:
Microsoft ended
support for
Microsoft XP in
2014
70 80% of
computer users still
use XP in developing
countries
To steal, change or
destroy information

Distributed Denial of
Service (DDOS)
BOTNET implanted
by hackers onto
unprotected
computers
Hacked computers
carry out DDOS on
other computers,
not easy to track
down.
Developing
countries are
susceptible.

Developing countries Rampant issues

Destruction &
Modification of data
Lack of proper
cybersecurity in developing
countries
Critical infrastructure such
as finance, electricity and
water supply highly
susceptible.

Cybertheft

Distortion & Fabrication

of information

Case in point: Brazilian

Banks Association
approximately lost $165
million to cybertheft.
Susceptible to Phishing,
Viruses, Social engineering
Copyright violations,
betrayal of professional
trust, violation of digital
privacy and intellectual
property

Case in point: Nigerian

cybercriminals created
counterfeit documents (e.g
checks) to gain monetary
benefits.
Unlawful modification &
misrepresentation of
information for profit

Developing countries Possible Strategies

Authentication
Authenticate sensitive
processes &
operations & secure
transactions
Use Multi-factor
authentication
technologies (e.g CA
Strong Authetication
to provide multi-layer
protection)

Encryption
Network encryption
managed by internet
service providers in
developing countries
are very permeable
Employ a range of
encryption measures
to secure sensitive
data & processes

Auditing committees
Corporations to set up
cybersecurity auditing
committes to educate
board members &
executives
Provide a stronger
cybersecurity
framework across the
corporations in
developing countries.

Developing countries Possible Strategies

Technology risk
management
The Government
should increase the
level of competency
with regards to
technology risk
management
capabilities
Prepared to tackle
possible
cybersecurity issues
at all times

Monitoring/
Intrusion detection

IDS System of
communication

Make use of current

software which
combines monitoring
& intrusion detection
elements
Developing countries
should consider
using these software
(e.g IDPS technology)
to achieve accurate
& efficient
monitoring of
malicious activity

Develop stronger
framework of
firewalls for
developing countries
Restrict movement of
data, filter
unauthorised &
unwanted traffic to
enter important
computer servers.
Case-in-point:
Raspberry Pi as low
cost technology

Prosecution
Blurring of national
boundaries, hard to
prosecute
cybercriminals
Currently, only 1
international binding
legal convention for
cybercrime.
Establish stronger
legal framework for
cybercrime in
developing countries

Developing countries Evaluation &

Conclusion

Effectiveness of counter-measures is ultimately

dependent on a few factors
Education

Cybersecurity awareness
programmes must be initiated to
highlight the negative impact of
cybercrime and how to take active
steps to secure themselves from it.

Enforcement
An active cybersecurity task force should be
set up with or without aid from developed
countries. Through improving law
enforcement, cybersecurity measures will
increase its effectiveness in deterring
cybercrime.

Developing countries Evaluation &

Conclusion

Role of government
Regime stability and
regulatory quality are found
to be significant factors in
cybersecurity.
Ability
of developing countries to
emulate counter-measures
employed by developed countries
dependent on political will and
institutional stability.

Brazil: A Case Study

Digital
Access

Institutio
nal
Stability

Improved
Cybersecurit
y!