Breaching information communication protocol ranges from simple show-off of talent to theft of valuable data such as financial and security information. As these problems are fast increasing, it is necessitating a well equipped and proactively prepared cyber defense institutions. The Information Network Security Agency (INSA) is established to ensure the security of advancing critical infrastructures and industries that are vulnerable and going to be more vulnerable due to their reliance on computer. EBR sat down with Mohammed Idris, Special Advisor to the director general of the Agency, to discuss the magnitude of the problem Ethiopia faces and the preparedness of INSA to safeguard the country’s cyber space.
EBR: How do you assess Ethiopia’s cyber security and it’s preparedness to face the potential challenge?
Mohammed: Cyber space is man-made. Next to the earth, the sky, water bodies and outer space, cyber space has become the fifth human operating domain. And just like the other domains, it involves conflicts, including military confrontations of some kind. The conflicts in cyber space can range from miniature hacking to cyber terrorism perpetrated by individuals, organized cyber gangs or state actors.
The Ethiopian National Cyber Defense Force has been established to protect Ethiopia’s cyber space. To this end, the Information Network Security Agency (INSA) has put in place a round-the clock contingency, monitoring and response capability in the form of the Ethiopian Cyber Emergency Readiness & Response Team (Ethio-CERT).
Ethio-CERT, after a thorough assessment of its permanent readiness, has joined the Forum for Incident Response & Security Teams (FIRST), a global forum to share real time intelligence on cyber security. We believe we have the strongest CERT capability in Africa.
We also have a telephone hotline – 933, standing by to receive any reports 24-7.
What methods does INSA deploy to ensure the country’s cyber security?
It’s relatively easier to protect an organization by introducing strict USB flash and internet usage standards. But it gets a whole lot complicated at a national level. A consideration of a country’s political, economic and governance systems are included in the design of the protection mechanism. It involves developing a policy and legal framework, building the capacity of the judiciary, awareness creation, setting standards and procedures, and implementing a monitoring and alert system to detect and deal with any cyber threat.
Ethiopia has made considerable progress in all these aspects.
Which institutions are critical in Ethiopia from a cyber security point of view?
Financial institutions, power, telecom, railway, industrial parks, water and sewerage systems, Ethiopian airlines are among the key institutions with critical infrastructures. Any attack on these would surely cause major disruptions. INSA alone cannot protect these infrastructures, unless the institutions themselves include cyber security elements in their local systems.
INSA works to ensure security from the design to implementation of projects. We help in the development of human capacity and the technology that provides protection at national level.
How do you evaluate the capacity of banks in Ethiopia on cyber security?
No bank can go forward without addressing security concerns. Recently a steering committee has been established under the National Bank of Ethiopia to implement the financial sector’s security framework, which was introduced in the country. All banks and micro finance institutions are included. Work is underway to establish a collective security platform which will avoid duplication of efforts, by protecting data centers and countering cyber attacks.
Some banks in Ethiopia, however, still think public trust and reputation is enough. Offices in secure buildings and strong guards like in the old days won’t do you any good faced against today’s security challenges.
How exposed is Ethiopia’s financial sector?
Next to key infrastructures, it is the second most attacked sector.
How are you prepared to deal with ransomwares such as WannaCry?
We do not encourage victims to pay any ransom. Our Emergency Team can actually recover the files locked by the virus. If a device is discovered to be compromised, Ethio-CERT should be contacted immediately. No attempt to boot the device should be conducted before our team gets to the ground.
Primarily though, updating systems should be given utmost priority. And implement strict USB flash, internet and privileged access standards with strong pass codes.
What is the general motive of cyber attacks?
The attack on infrastructure will ultimately make public the motive of the attack. However, experiences indicate that there could be cyber attacks for economic gains, political and military espionage. Fame is also a motive for professional hackers. There is also ethical hacking which is conducted to identify security weak spots in an app, program of network where corrective measures will be sought after.
What is the biggest challenge to promote cyber security in Ethiopia?
Finding competent and innovative people is a major challenge. We’ve started working with local universities to address this problem.
Moreover, the low level of attention given to cyber security, particularly by some institutions is alarming. While expansion in the technological service delivery is pacing in some economic sectors, the corresponding security measures lack the proper amount of investment. There should be a mind-set shift where cyber security is an integral part of any business expansion or service delivery from the design, procurement and recruitment process.
We are investing big on research and development to build our local capacity and find solutions for local and global challenges we face. Future wars will be knowledge based and our intensive research and development does not come cheap but will be very rewarding. EBR
5th Year • August 2017 • No. 53