Via Quartz, an article on Togo’s leadership in Africa’s cybersecurity space:

A new cybersecurity center in Togo is poised to add into efforts by individual African countries to secure the continent’s cyberspace.

In November 2021, Kaspersky reported that Nigeria, South Africa, and Kenya recorded a combined total of 81 million cyber attacks in three months, signaling how cybercrime is rising in tandem with internet penetration. In the second quarter of this year, phishing scams rose by 438% and 174% in Kenya and Nigeria respectively, from the previous quarter.

Based in the capital city Lomé, and set up as a partnership between the government and the United Nations Economic Commission for Africa (Uneca), the African Centre for Coordination and Research in Cybersecurity will monitor, detect, and share cybersecurity intelligence with African governments, policy makers, law enforcement, and security agencies. Cybercrime is estimated to cost Africa $4 billion a year.

Cybersecurity in Africa

The center will also lead internet security research in the continent, in a time when hacking groups are deploying sophisticated deep learning software to penetrate African government websites, banks, hospitals, power companies, and telcos. In July, Liquid Cyber Security, the internet security arm of cloud firm Liquid Intelligence Technologies, launched a cybersecurity fusion center in South Africa.

Togo’s digital economy and transformation minister Cina Lawson said the collaboration’s mission is to make cybersecurity a top priority for African nations. “We aim to become a significant digital hub in Africa. Our partnership model with the private sector is an innovative approach that we want to showcase to inspire other countries for safer cyberspace on the continent,” he added.

Lomé Declaration and Togo as a forerunner in cybersecurity

Last March, African countries subscribed to the Lomé Declaration (pdf) which is implementing a regulatory framework to make cybersecurity a business enabler.

“It is important to promote coordinated cybersecurity approaches in Africa,” United Nations under-secretary general and Uneca executive secretary, Vera Songwe, said.

Togo already has a National Cybersecurity Agency (ANCy) and a Personal Data Protection Authority (IPDCP), making itself a leader in Africa’s cyberspace security. It is one of a few nations to have ratified the African Union Convention on Cybersecurity and Personal Data Protection of 2014.

Once cyber attackers obtain access to corporate web-based and cloud
resources using cookies, they use them for further exploitation such as business email compromise, social engineering to gain additional system access, and even modification of data or source code repositories. There have also been hacking on social media platforms targeting money in credit cards.

“Over the past year, we’ve seen attackers increasingly turn to cookie theft to work around the growing adoption of multi-factor authentication. Attackers are turning to new and improved versions of information stealing malware like Raccoon Stealer to simplify the process of obtaining authentication cookies, also known as access tokens,” Sean Gallagher, lead threat researcher at Sophos, a UK cybersecurity firm, tells Quartz.

In March 2021, the African Development Bank granted $2 million to the African Cybersecurity Resource Center (ACRC) for Financial Inclusion to tackle cybercrime and strengthen the resilience of digital financial ecosystems.