Banks, Telecoms Remain Top Cybercrime Targets – Experts (allAfrica.com)

Mobile kiosks can be found almost anywhere. They face risks of cyber attack

Of recent, many financial institutions have partnered some telecom companies to have applications that enable their clients have a 24-hour convenience to withdrawing money, do account checks, and transfer money to other platforms.

However, experts have warned that cyber criminals are now targeting channels such as mobile money and online banking to carry out fraud.

According to Michael Nagenda, a consultant at International Bank Frankfurt in Germany, the fraudsters are designing malwares to target mobile devices. Malwares, which double as a virus, refers to malicious program used to steal personal information from electronic devices or gadgets.

He was speaking at the launch of Cyber Edge, an insurance product by American Insurance Group [AIG] to counter cyber-attack. AIG is the first insurance company in Uganda to cover risks against cyber offences.

The Uganda police say it registers an average of 40 cyber- crime related cases every year, although there are more that go unreported. The 2013 police report indicated a 10 per cent surge in economic crimes, which saw 9,998 cases investigated. Cyber-crime cases were 45 compared to 62 in 2012, which resulted into a loss of Shs 18.1bn, according to the report.

“As we push for digitalisation, we need to anticipate and detect eminent cyber-attacks. Internet has provided the speeds on how fast someone can attack and get out in a matter of seconds,” said the Standard Chartered bank Managing Director Herman Kasekende.

He continued: “Cyber fraud in terms of card shimming is quite eminent. Between March and June, 2015, we have taken down 84 phishing [malware] sites from our system, and between January to date, there has been 67 per cent of fraud cases reported [related to ATM card Scheming] to accounting, and [causing] about eight per cent loss [to the industry] is cyber-related.”

He admitted that while information related to fraud cases towards banks is often not disclosed, the threat is potentially high.

According to Alex Mukasa, a senior underwriter at AIG, cyber-attacks can be defended against if organisations implement a multi-layer approach to security, which will make it difficult for attackers to compromise systems.

“We shall not insure you to infinity. The insurance company can never take up more risk than it can handle,” he said in response to an assertion by a representative from United Bank of Africa that insurance companies are taking on too much risk.

James Osubo, the CEO at Marsh Uganda, a global risk management and insurance broker, said that although mobile devices offer productivity gains and improve the quality of services delivered, they also increase exposure to risks, which come as a result of phishing and fraud through unprotected mobile devices.

“We use the same pins for email addresses, Facebook, Twitter and Instagram. You upload your pictures; so everything about you is out there. One may pick that photo and make an ID which can be used to gain access to sensitive information [with intent to commit crime],” he said.

According to the Uganda Communications Commission report on access and usage of communications services 2014, internet users have increased from 850,000 as of June 2011 to more than 5.7m subscribers by December 2014.