In a country where conmen have firmly established their roots, crime and theft seem to be diverted from iron bar hit men, Taxis, House maids and streets of Wandegeya to rather more sophisticated methods of theft using the Internet including a few things we thought only existed in Hollywood movies and witch craft.
It doesn’t take the best brains that conduct such schemes but rather some loopholes and a bit of Information Technology (IT) backwardness of some people. So even the ‘script kiddie’ will pull a prank so big and it makes him money in a day or a billionaire in a week depending on how ‘smart’ he or she is.
So what do cyber criminals do? One simple interaction with the Executive Director of the ICT Law Centre- Uganda Miss Dianah Byaruhanga Ajuna, reveals to me that computer crime, cyber crime, hi-tech crime or electronic crime activity generally mean criminal activity where a computer or network is the source, tool, target or place of a crime.
According to the deputy director criminal Investigations Department (CID) Police, Mr Moses Sakira, examples of Cyber Crimes include; illegal interception (by technical means of non-public transmissions of computer data to, from or within a computer system), data interference ( unauthorized damaging, deletion, deterioration, alteration or suppression of computer data), systems interference (interfering with the functioning of a computer system by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data), misuse of devices, forgery (ID theft) and electronic fraud.
As personal, commercial, and government activities continue to migrate to the digital realm, so do criminals. Large-scale cyber attacks are becoming more frequent and more costly for businesses in Uganda and East Africa.
The latest annual Police Crime and Traffic Report 2013, indicates that cybercrime which focuses on mobile money, illegal online transactions and Automated Teller Machine (ATM) fraud, was responsible for the loss of over Ush18.1Billion in just one year while another figure released by Kaspersky Labs puts the figure at 25Billion Uganda Shillings. The frauds targeted individuals and private corporate bodies like banks, nongovernmental organisations and religious organisations.
In January 2014, four Bulgarian nationals had their 20 year prison sentence reduced to 9 years because they were first time offenders. The trio had been found guilty of ATM Fraud, after being caught with 38 Automated Teller Machine (ATM) cards of various identities. Later on, Ronald Muramuzi the brain behind TelexFree Uganda was arrested for defrauding innocent citizens of more than 5 Billion Uganda Shillings.
Cyber crime is one of the major non traditional crimes in Uganda and Africa today. It is a technical field which is new to both the police and the citizens due to the rising trends of globalisation and super fast advancements in technology and stagnation of the law at the sometime. Many people use the internet every day on their computers, smartphones and recently, smart watches not knowing that they are wiggle wiggle dancing in the arena of technologically dangerous traps.
Despite the setting up of the National Information and Technology Authority (NITA-U) and introduction of a full directorate of Information Technology at the police headquarters, The Uganda Police, which has a role to play in fighting cybercrime, is still ill equipped and lacks the capacity to investigate.
Cyber crime doesn’t need the use of a gun to fight it, but skills which need a lot of training. Ethical hacking, data base management, networks and networking among others are some of the fields in which the cyber police (if it exists anyway) must be educated to be well equipped and prepared to fight cyber crime in Uganda and cross boarder i.e across the East African Community.
Finding Ugandans within and outside the Police who are skilled in IT crime prevention and remunerating them well is a big challenge. IT is new and employing the right personnel who are skilled in cyber-related security to monitor cyber-based terrorism, computer intrusions, online sexual exploitation and major cyber frauds, is something the Police must be grappling with.
The other challenge of course is the resources the Police need to follow- up these cases. Some of these cases are trans-national and require for instance Uganda Police officers to travel to the countries where the crimes have been committed instead of relying on messages and telephone calls to Japan that do not help much. And the right to access the databases of the companies that provide telephone and Internet services is a challenge.
Therefore measures must be seen put in place to curb such cyber based insecurity and these would include facilitation of data protection mechanisms, enforcing Computer Misuse Act, enacting more laws, training highly skilled personnel in ICT, massive awareness campaigns and taking initiatives to help in building capacity to deal with ICT risks.
Consequently,there is need for setting up a fully functional public facility (preferably with a presence on the internet) where victims can report incidences. The public need a lot of sensitisation and training in what computer crimes are, in which forms they can manifest, how to detect them, what to do after detection and how to prevent and minimise them. the police should also endeavour to consolidate its trust and confidence in the population by using media and otherwise, so that more such incidents are reported to them for proper and unified record keeping.
Florence Tushabe, an IT expert also proposes internet filtering. Countries implementing Internet filtering at client, Internet Service Provider (ISP) and government levels would prevent access to illegal websites like those promoting concepts like drug use, gambling, immorality, pornography, bomb making recipes, terrorism and the like.
Legislative organs can mandate a body to filter all incoming web traffic before it is accessed by internet users in Uganda and block away websites that pose security threats to the users. Internet Service Providers are also in position to protect their clients against most cyber attacks like distributed denial of service attacks, email spoofing, spam and the like if they were only allowed to do it.
Lastly, International Co-operation, intelligence and further research should be done. Countries should actively work together and strengthen research activities that will explore new techniques and procedures that will combat the rate at which cyber crime spreads and the ease at which they are conducted. This can begin with the East African Police Chiefs Organisation (EAPCO).