There's a great chapter from a 1981 children's book called "World of Tomorrow: School, Work and Play" that imagines how computers, in the future, would give rise to a whole new phenomenon: 'Computer Crimes."
"Instead of mugging people in the streets or robbing houses," the chapter reads, "tomorrow's criminal may try to steal money from banks and other organizations using a computer." Computer criminals will "work from home, using his own computer to gain access to the memories of the computers used by the banks and companies. The criminal tries to interfere with the computers in order to get them to transfer money to his computer without the bank or company knowing that it has been robbed."
In an illustration accompanying the chapter, a "computer criminal" sprints from his (Frank Lloyd Wright-style) lair in chinos and a zip up jacket. A high-powered computer system the size of an MRI machine sits in the background as a computer cop in a flight jacket and space helmet gives chase.
Despite being written more than a decade before the emergence of the public Internet, the book (by Neil Ardley) does a great job of describing the broad outlines of our current cyber crime epidemic. And the illustration - though fanciful - isn't that far off. Computer criminals are well-fed, well educated, first world types operating at the margins of complex, wealthy societies. Yes, our laptops are smaller than the room sized rig used by the 1980s computer criminal, but it's undeniable that, for the past 20 years, computer crime has been a decidedly First World problem.
But that's about to change, security experts say. In fact, the image of cybercriminal ten years hence may well be of a brown-skinned man (or woman), tablet in hand, operating from the crowded streets and alleys of a third world mega-city like Lagos, Nigeria, Cairo or Dhaka, Bangladesh.
Africa has one of the world's fastest growing middle classes. And, with that growing prosperity comes a growing reliance on technology and the Internet. The result: developing nations, including those in Africa, are set to experience an explosion in cyber crime, as more and more of their citizens connect to the Internet and the web using smart phones high capacity 3G and 4G cellular networks, according to numerous reports from public and private research groups.
Writing on Trend Micro's blog on Thursday, Loucif Kharouni, a Senior Threat Researcher at the security firm Trend Micro wrote that Africa will become a "haven" for cyber criminals, as its population of Internet users explodes in an environment of lax cyber law enforcement.
Kharouni isn't the first person to notice that Africa - long a technology backwater - is experiencing growing pains as its population joins the billions of people across the globe who are online. An October report from IDG on Cyber-Crime, Hacking and Malware in Africa notes that Internet penetration is far lower in Africa - just 29% in Nigeria and 14% in South Africa, compared to 78% in the US. But Internet use is growing fast. Nigeria is expected to sport 70 million Internet users by 2015, up from just 45 million today, according to data from Internetworldstats. And, across the region - in countries such as Kenya, Nigeria, Morocco, Algeria and Egypt - rates of malware infection are higher than in developed nations, according to data from Microsoft Corp.'s 2012 Security Intelligence Report.
Egypt, with more than 20 million Internet users and 112% mobile phone penetration, is the continent's powerhouse, and but has also become a source of phishing schemes and one of the highest rates of malware infections on the continent, according to Microsoft and Kaspersky Lab. Still, the country - fresh on the heels of a technology-fueled popular revolt that toppled a decades old autocratic government - has no comprehensive cybercrime law.
In Kenya, the government has developed a Cyber Security Master Plan to help cope with a population of Internet users that has grown by 86% (PDF) in the last year, largely on the back of mobile data plans. The Communication Commission of Kenya (CCK) is pushing for mobile operators to assign static IP addresses to smart phones and tablets to "help track and monitor user activity," according to statements from Bitange Ndemo, the Information and Communication Permanent Secretary there.
The problems facing these developing countries are formidable. African businesses have just begun to invest in cyber security, and there's a woeful absence of skilled, IT professionals. A research paper focused on Kenyan small businesses by Jomo Kenyatta University of Agriculture and Technology found only half of Kenyan SMBs think their staff are properly trained to secure their computers, and businesses invest very little money in security training, IDG reported.
Pirated software is also used commonly throughout the continent, creating an avenue for malicious software and sapping local economies of money and jobs that would stem from a legal market for business and personal software.
And, as in other countries, social media web sites provide an avenue for individuals to connect, but also for cyber criminals.
As more African- and third world countries join the global, Internet community, cyber criminal operators stand ready to profit. Malicious "exploit" kits like Black Hole and Reveton have already been localized to work with victims speaking a Babel of different languages - English, Russian, German, Czech, Polish, Korean and Arabic. Localizing those attacks to Swahili or Afrikaans is a small matter. The rapid adoption of both mobile technology and mobile payments, in place of shoddy, state managed telecommunications and banking monopolies will create a fertile ground for mobile scams and account hijackings. There are also concerns that African nations, wired but absent of the rule of law on cybercrime, could become safe havens for cyber criminal groups as they have been for terrorist organizations like Al Qaeda.
At least on the African continent, change is coming. In addition to aid from the U.S. and others, groups like the Cyber Security Africa and the International Institute for Counter Terrorism (ICT) are setting up regional workshops and conventions to address problems like cyber crime in Africa.
Western nations are helping out, also. In December, the U.S. Department of State has granted $250,000 to combat transnational cybercrime in East African nations. That money will be used to train law enforcement, judges and prosecutors on cyber crime prosecution, with cooperation from the US Justice Department. Still, a State Department spokesperson said the money will be spent on "fundamentals" - laying the groundwork for intra-government and international cooperation on cyber crime, as well as 'basic laws that criminalize cybercrime conduct, laws on handling electronic evidence."