Cybercrime crackdown challenges leave Internet more dangerous

With cybercrime in Africa on the rise, Nigeria’s Inspector-General of Police has announced a new platform that will allow its citizens to play a key role in their country’s security. Members of the public have been urged to report online crimes to the Nigeria Police Force Cyber Crime Reporting Portal based in Abuja’s INTERPOL office.

The new initiative is just the latest illustration of how policymakers are trying to get a handle on the worrying expansion of cybercrime, which is taking a severe toll on the Nigerian economy and, indeed, economies across the continent. In 2021 alone, African countries lost as much as 10% of their GDP to this digital crime wave. Digital extortion, ransomware and phishing scams are fueling much of this damage, with cybersecurity capacities in Africa continuing to lag far behind where they need to be.

Given the historic expansion of Africa’s digital connectivity on the horizon, greater awareness and coordinated action is urgently needed, particularly as a number of systemic challenges are severely hindering cybercrime crackdowns.

Fighting an invisible enemy

Among the roadblocks impeding efficient cybercrime investigations is the fact that digital crirminals are increasingly hiding behind online encryption and anonymizing technology – namely TOR and the Dark Web – to conduct criminal activity, such as drug, firearms and even human trafficking. This abuse of tools originally designed to protect citizens from despotic government surveillance has made it increasingly difficult for law enforcement to locate online criminals and digital evidence.

The borderless nature of cybercrime, furthermore, creates serious jurisdictional problems that criminals intentionally exploit to evade identification and arrest, as authorities struggle to determine in which country crimes should be prosecuted as well as which legal frameworks to follow.

Jan Kleijssen and Pierluigi Perri, Council of Europe cybercrime experts, have highlighted how the growing amount of data stored in cloud-based services compounds this “loss of location” problem that enables many cybercriminals to operate freely in the shadows while preventing law enforcement from seizing the digital evidence needed to prosecute these crimes. Matters are further complicated for investigators if cloud-based evidence is physically located in multiple jurisdictions.

Internet governance layers providing cover

Internet governance’s structure and resource shortages create additional challenges for cybercrime investigations. The latter issue involves a shortage of legacy IP addresses (IPv4), which has led to the wide roll-out of Carrier Grade Network Address Translation (CGN) technology.
 

In short, CGN technology provides a quick fix to this problem by allowing many end users – potentially several thousand people – to share a single IP address, leaving investigators with unworkably long lists of potential suspects. Without a source port number, which ISPs often fail to retain, they are unable to help law enforcement identify an end user on a shared IP address, which disrupts many cybercrime cases. For example, in a recent investigation, 75% of the members of an online child abuse forum who had not concealed their IP addresses evaded detection due to CGN.

Other investigations have revealed the complexity of multi-layered Internet governance. AFRINIC, the Regional Internet Registry (RIR) for Africa, has claimed that websites hosted by IP addresses it provided to Cloud Innovation – an IP management service provider – contain unaddressed illegal material, such as child abuse images, illegal streaming and gambling.

There are several problems with AFRINIC’s claim, however. For one thing, the fact that Cloud Innovation has not received notification or actionable evidence from law enforcement suggests that AFRINIC has not performed its legal duty to report the illicit content—a critical step without which investigations are unable to proceed. For another, providers like Cloud Innovation do not actually host websites, but simply allocate IP addresses to ISPs, who then host websites or provide services to website hosts. This level of separation means that IP management firms do not have access to user content, nor the responsibility to monitor customers’ customers—something which would be logistically impractical and even illegal in certain jurisdictions.

Data access obstructing collaboration

This jurisdictional division concerning digital data monitoring and collection creates another major obstacle for cybercrime investigations, which rely heavily on ISP data for evidence in prosecutions. In the EU, for example, Member States have different laws regulating ISP data retention and provision to law enforcement. This fragmented system severely undermines cross-border cooperation to tackle cybercrime, from cyberattacks to transnational payment fraud.


A case involving the Czech Republic and Germany illustrates the problem well. The Czech Republic requested electronic data from Germany to assist in an investigation; however, Germany refused their request because its short, 7-day data retention period had already elapsed. This needless problem could have been avoided with a harmonised data retention legal framework – which existed before the EU Court of Justice overturned the Data Retention Directive in 2014 – but instead cybercriminals are able to capitalise on this structural shortcoming to escape justice.

Cybersecurity actors fighting back

Yet in the face of cybercrime’s expansion, encouraging cybersecurity initiatives are emerging.

In Togo, a new cybersecurity centre has recently been announced to help Africa narrow the significant gap between cybercrime and protection – Interpol’s Africa Cyberthreat Assessment Report has found that 90% of African businesses lack critical cybersecurity defences. This vital initiative, a collaboration between the Togolese government and the United Nations Economic Commission for Africa (UNECA), will create Africa’s first regional cybersecurity research centre, to support African governments and law enforcement by monitoring and sharing cybersecurity intelligence.

With cyberattacks increasingly targeting people while public awareness and supply of cybersecurity professionals lag behind, the European Cyber Security Challenge is also playing a key role. The initiative brings together young people from across the European bloc to compete for their nation, serving to identify top talent and match them with leading industry actors to bolster Europe’s cyber defences. What’s more, the Challenge fosters crucial cooperation between Member States, raising cybersecurity awareness among a broad swath of the public.

Cybercrime crackdowns have been significantly undermined by a range of technology and governance-related challenges that create a favourable environment for cybercriminals. Promising initiatives to counter cyberthreats are arising, from awareness initiatives to new ways to report digital crimes, but solutions to the systemic problems facilitating cybercrime will need to be accelerated to keep pace with the cybercriminals who remain several steps ahead.