The Minister of Territorial Administration and Decentralization;
Members of Government;
Governors of Regions;
Ladies and Gentlemen;
It is a privilege and honour to be invited
to this important biannual meeting of Governors. I would like to thank the Minister of Territorial Administration and Decentralization for this opportunity to give a presentation on the challenge for Sovereign states to protect their cyberspace.
The development of Information and Communication Technologies (ICTs) has been the big event of this century. Since the invention of the computer in the 1930s, digital technologies have been expanding seamlessly. Digital revolution marked by the convergence of information technology and telecommunications, has radically transformed traditional economic business models, the way our societies function and our lifestyle. In a meteoric rise, digital technology has invaded our privacy to such extent that we can no longer imagine ourselves living without these very recent tools.
With this digital boom, states are confronted with the challenge of protecting their sovereignty over this borderless wide virtual space called cyberspace.
Cyberspace can be defined as a set of digitized data constituting global information and a communication medium linked to the global interconnection of computers. It is therefore the digital space that brings together Internet users around the world and all available data through the Internet. It includes:
- services such as websites, digital applications (Google, Apple Store, PlayStore...), social media (Facebook, Twitter, WhatsApp ...), e-mail and other online services (e-commerce, mobile money, Telemedicine, e-banking, etc.);
- - infrastructure: submarine cable landing points, IXP, VSAT stations, optic fibre networks, relays, antennas;
- Terminals: computers, tablets, mobile phones, television, servers.
Our presentation about THE PROTECTION OF THE NATIONAL CYBERSPACE IN THE DOMAIN OF INFORMATION AND COMMUNICATION TECHNOLOGIES will focus on five main axes including: issues at stake in ICTs development, threats to the national cyberspace, challenges faced by States, measures taken by Government to protect the Cyberspace as well as prospects for the fight against cybercrime.
- I- ISSUES AT STAKE IN ICTs DEVELOPMENT
ICTs can be defined as the set of information technologies used to process, modify or exchange information, and more specifically digitized data.
According to the International Telecommunication Union (ITU) statistics for 2016, 7.5 billion people worldwide use a mobile telephone, of which 772 million in Africa; 3.5 billion are connected to the Internet, including 240 million in Africa and 3.7 billion people are using the Mobile Broadband worldwide, including 280 million in Africa.
Information and Communication Technologies (ICTs) have boosted performance in all areas of human activity: education, communication, administration, agriculture, industry, police, commerce, medicine, banks and other services.
- With regard to education, ICTs promote access and acquisition of knowledge by all;
- In terms of health, telemedicine helps to bridge the gap between the doctor and the patient;
- Transport and payment systems have become easy with on-line payment, booking, registration and purchase of tickets;
- At the administration level, thanks to the digitalisation of procedures and on-line information systems, the public service user has a speedy access to information and enjoys a better processing of his/her documents.
In an interview to the Pan-African newspaper Les Afriques on 21 October 2010, the Head of State, His Excellency Paul Biya, confirmed it and I quote: "We call ICTs an accelerator of development. We have long been aware of their revolutionary nature in that they make it possible to boost performance in all sectors of human activity: education, communication, administration, agriculture, industry, police, commerce, medicine, Banks and other services, etc." He then continued and I quote: "ICTs constitute an extraordinary field of employment opportunities for our developing countries in terms of software development or teleprocessing..." end of quote.
The Head of State’s vision regarding ICTs and the digital economy is therefore clear. This sector is the cornerstone of our economic revolution for the emergence of Cameroon.
However, the widespread use of ICTs in our daily life goes hand in hand with numerous risks. Development is a source both of opportunities and risks to individuals, public and private organizations as well as the State and society.
- THREATS TO THE NATIONAL CYBERESPACE
Internet enables communication between virtually everyone, and therefore anyone. It is difficult and even impossible to identify who is behind a screen or a virtual identity
Taking advantage of this anonymity, malevolent people use the Internet and social media for purposes of propaganda, scamming and terrorism. Every day, hundreds of million of cyber attacks occur with the intention to steal strategic corporate or personal data; State secrets are hacked and published on social media.
Internet users are confronted with many threats:
- At the national level
A study by the NAICT reports:
- close to CFA francs 4 billion of losses due to scamming (financial scam over the Internet);
- Close to CFA francs 3.7 billion of losses due to skimming (credit card fraud);
- Close to 200 cases of profiles impersonation on Facebook and cyber-blackmailing;
- Hundreds of million of CFAF losses due to intrusions into the information systems of some companies;
- Several billion of CFAF losses due to Simbox fraud (electronic box used to bill international telephone traffic at the domestic rate by rerouting and manipulating the international traffic on Internet;
- 28 website defacement attacks detected on public administration websites since 2013 (this refers to non authorized modification of the home page of a website);
- 12,800 vulnerabilities detected on public administration websites since 2013;
- Millions of HOAX (wrong information massively published on Internet, especially on social media);
- Thousands of cases of spoofing or impersonation;
- A countless number of malwares (malicious computer programs, viruses, worms, etc.)
In addition, it should be noted that 51% of the domestic Internet traffic volume has to do with illegal downloading.
- At the international level
There are other major threats at the international level and they can occur in Cameroon as well. For example, we can mention:
- Botnets: networks of infected computers on Internet, controlled by a hacker;
- Deep Web: non referenced web sites on Internet that are used for illegal traffic (drug dealing, sale of weapons, cyberterrorism, etc.)
- Ransom wares: malicious programs that block a computer and demand a ransom from the victim as a condition to unblock access.
Since the September 11 attacks, terrorist organisations have significantly perfected their strategies. Moreover, cyberterrorist attacks can also be perpetrated by States. In this regard, within the contemporary context of cyber-wars, some States do attack the information systems of other States in order to paralyze them. The hacking of telecommunication media and of critical infrastructure like airports, train, bus and underground stations has become common practice. Cyberterrorism is a real threat.
Given all these abuses, it goes without saying that States are confronted with so many challenges related to cybersecurity.
- CHALLENGES FACED BY STATES
The major challenge to which sovereign States are confronted at the moment is to reinstate the national sovereignty of their domestic cyberspace, which has long been free and borderless.
The foundations of sovereign States have been shaken by all the aforementioned threats, especially by social media through terrorist propaganda, publication of false information that could result to destabilization or destruction, by large scale cyberattacks directed towards critical infrastructure.
Another challenge has to do with the protection of the interests of States, the society and individuals without compromising personal freedoms
Among the major actions undertaken by States to secure their “digital sovereignty” and ensure a good governance of the Internet, we can mention:
- The adoption of appropriate laws and regulations, namely:
- Laws on cybersecurity and cybercrime;
- Anti-terrorist laws that include Internet regulation;
- Laws governing the protection of personal data (Wikileaks incident).
- The demarcation, control and monitoring of the national cyberspace. For example, when you land at the Paris Airport and want to sign in to your email account, you receive a message notifying you that you have arrived in the French cyberspace and must provide some personal information.
At the international level, the trend is toward a collaborative governance of the Internet. This governance is done through ICANN (Internet Corporation for Assigned Names and Numbers), a private organization in charge of the administration of domain names, Internet addresses such as ".fr", ".com" or ".cm".
Moreover, at the global level, ICANN carries out the logistical management of the network.
- ACTIONS UNDERTAKEN IN CAMEROON
Since the advent of the Internet in Cameroon with CAMTEL (INTELCAM) around the 1990s, and the issuing of the first mobile telephony concessions in 2000, citizens have been witnessing the advantages and disadvantages of the cyberspace.
The increase in cybercrimes and cyberterrorist attacks made the State to undertake major strategic measures.
- At the regulatory level, we can mention the adoption of three (3) important laws meant to regulate, control and sanction abuses linked to the use of the national cyberspace. These include Law No.2010/012 to govern cybersecurity and cybercrime, Law No.2010/013 to govern Electronic Communications in Cameroon and Law No.2010/021 to govern e-commerce in Cameroon, as well as their implementation instruments.
- At the institutional level, the creation of the National Agency for Information and Communication Technologies (NAICT) which is the operational organ of the State in charge of regulating of ICTs and fighting against cybercrime.
The NAICT has a Computer Emergency Response Team (CERT), whose role is to ensure security watch on the national cyberspace in collaboration with other States.
In addition to these two measures, there is the elaboration of a government strategy for the development of digital economy, which has digital governance as one of the pillars. Its aim is to encourage digital trust by intensifying the fight against cybercrime.
Specifically, the following main actions have been taken:
- The setting up of two cyber security laboratories in charge of digital investigation within the department of the Judicial Police of the General Delegation for National Security and at the National Advanced School of Engineering.
- The setting up of surveillance and video surveillance networks in the national cyberspace within the relevant administrations in charge of public security.
- A campaign to identify telephone network subscribers begun in 2016, that will be strengthened in the months ahead with the setting up of a digital platform to identify subscribers and monitor electronic communications traffic. This platform will be a tool in Government’s hands to master the identity of all telephone network users and thus fight against cybercrime more effectively.
- An audit of the quality of services offered by mobile operators shall be carried out to ensure the reliability of their equipment while proposing corrective measures.
- Security watch, including live monitoring of critical infrastructure, issuance of security bulletins and alerts, establishment of security references, etc.
- The audit of the information systems of Public Administrations.
- Sensitization and training of all users on good security practices.
It should be noted that these measures are in line with similar policies that have been instituted by other relevant administrations.
Despite this significant progress, it is important to strengthen and consolidate all these measures in terms of prospects.
In order to finally establish the digital sovereignty of our country, it is necessary to continue:
- Raising public awareness on cyber security;
- Training and building the capacities of various State stakeholders, including administrative authorities, forces of law and order, judicial authorities;
- Identifying critical infrastructure (PKI) and monitoring operators of strategic importance;
- Strengthening the Cyber Incidence Response Team CIRT of NAICT, in order to have an efficient structure for emergency response to information security incidents;
- Developing local content and encouraging the use of the ".cm" ;
- Upgrading the legal and regulatory framework (protection of personal data, coercive measures, etc.);
- Setting up a platform managed by NAICT to secure the national cyberspace;
- Strengthening international cooperation within the framework of the fight against cybercrime.
- Developing a national cyber security and cyber defence strategy with specific focus on the protection of personal data and the protection of children, young people and the weakest in the cyberspace;
In the last few years, digital economy, as a catalyst for innovation and competitiveness, has become an important booster of economic development. For example, according to a recent World Bank report, a 10% increase in the broadband access rate would result in about 2% increase of the GDP.
In Cameroon, ICTs are an extraordinary opportunity to create jobs for young people. They have real potential to develop the Digital Economy. This is evidenced by the many international competitions won by our young people: Arthur ZANG (inventor of the Cardiopad), Olivier Guillaume Madiba (Creator of Kiroo Game, the first African video game), Nji Collins (winner of the Google code 2016) just to name a few.
It is against this backdrop that the Head of State, H.E Paul BIYA, in his address to the youth on 10 February 2016, declared and I quote:
“…one of the major challenges for our youths is to manage to keep abreast of the astounding phenomenon of the digital economy... Then he urged “the entire nation to resolutely mobilize and support the numerous initiatives undertaken by our youths in this area”. End of quote.
Unfortunately, the development of the digital economy is threatened by cybercrime that takes advantage of the virtual nature of the cyberspace, which is conducive in compromising trust.
For a successful development of the digital economy, it is imperative that the negative effects of the propensity of this vital sector be brought under control.
It is therefore important, even imperative, to strengthen the security of our cyberspace in synergy with other stakeholders in order to make the most of the many advantages of the digital economy.
Government's action in the fight against cyber crime therefore aims at limiting the intensity and extent of the damage caused, guarding against potential threats through appropriate protective and preventive measures and being capable of reacting to incidents in ways that ensure crisis management, continuity or resumption of activities, or even criminal prosecution if need be.
Our country has to strengthen its cyber security, not only to boost economic development, but also to consolidate peace. Therefore, a coherent policy involving all major stakeholders is imperative.
I therefore seize this opportunity to urge all Governors and administrative authorities for a greater collaboration in sensitizing the population to adopt good security practices in the domain of ICTs. It is important to establish a genuine culture of cyber security by promoting a responsible and reasonable behavior of citizens towards ICTs in order to benefit from them.
Thank you for your kind attention.