ADDIS ABABA- Applying risk based approach and enhancing cyber security maturity would be instrumental to prevent possible cyber breaches that target Ethiopia’s key institutions and infrastructures, the Information Network Security Administration (INSA) said.
Speaking to The Ethiopian Herald, Cyber Audit and Evaluation Head at INSA Tilahun Ejigu said implementing risk based approach and building resilient cyber security capacity would help Ethiopia to prevent potential cyber-attacks.
According to him, lack of finance, absence of adequate investment and IT infrastructure, low awareness of decision makers, lack of capacity and skills are among the major drawbacks in the country’s cyber ecosystem. The in-alignment of cyber security policy with other policies also inhibited the sector’s progress.
Globally, cyber-attacks have cost over 8 trillion USD in 2023 while it is estimated to become 10 trillion by 2025.
According to INSA’s vulnerability assessment conducted on 123 private and public institutions last year, around 657 risk level gaps were identified. Of which, 187 high, 273 medium and 192 low risk levels system gaps were observed.
The Head mentioned that the assessment was done through institutions network infrastructure, mobile application, website and integration with different systems. The institutions have the limitations in cyber security job structure and tools and experts as well as cyber security documents (policy guideline).
With regard to cyber-attack attempts, alarming increases observed over the past eight years from 214 to 8845. The Pretoria Peace Agreement has played an immense role in reducing the figure to 6959 last Ethiopian fiscal year.
Similarly, around 2554 website attacks, 1295 malware/ malicious, 1493 distributed denial of service attacks (DDOS), 603 scanning, 695 penetration attacks and 145 different cyber-attack attacks were made last year.
Mentioning malware, (DDoS), scanning or data gathering were amongst the major attempted attacks, he underlined that the attempts could cause the denial of service, stealing of data and information, ruining of business reputation and creating mistrust among the public and the government.
Financial institutions, media houses, key public infrastructures and public institutions, security institutions are amongst the major targets for cyberattack attempts. Nonetheless, Ethiopia’s capacity to respond to cyber-breaches is in good position following the activities carried out in equipping the sector with skilled labor and modern technology.
It was learned that Ethiopia has saved some 23.2 billion birr in preventing cyber-attack attempts during last budget year.
BY BETELHEM BEDLU
THE ETHIOPIAN HERALD SATURDAY 28 OCTOBER 2023
