As Africa’s digital economy expands, so too does its exposure to cyber threats. Interpol’s latest Africa Cyberthreat Assessment Report reveals that cyber incidents have cost the continent over $3 billion since 2019, with Nigeria among the hardest hit.
From ransomware and phishing to business email compromise, the threat landscape continues to evolve rapidly, posing serious risks to individuals, businesses, and governments alike.
In this exclusive interview with Techeconomy, Craig Jones, the immediate former director of Cybercrime at INTERPOL, shares deep insights into Africa’s cybersecurity challenges, lessons from global operations, and the progress being made in strengthening digital resilience across the continent.
Having led global cybercrime operations and coordinated capacity-building initiatives across Africa, Jones sheds light on the continent’s growing sophistication in fighting back, the collaboration gaps that remain, and what the world must learn from Africa’s experience. He is currently a director at CyPol.
TE: INTERPOL’s latest Africa Cyberthreat Assessment Report highlights over $3 billion in losses since 2019. Based on your experience leading global cybercrime operations, what do you consider the most significant enablers of the surge in cyberattacks across Africa?
Craig Jones: I think the biggest enablers would be the technology and the criminal groups. We’ve seen a massive surge in criminal groups in Africa, where they’ve shifted from their old traditional model of sending out emails.
They’re becoming increasingly sophisticated in their skill set. They’re forming groups, forming businesses, and working transnationally. We’ve seen other citizens from other countries coming into Africa to work with those African groups as well.
TE: Nigeria is Africa’s largest digital economy and remains one of the hardest hit by cybercrime. What unique challenges make countries with big digital footprints vulnerable?
Craig Jones: I think you just said it, countries with a big digital footprint. Therefore, when you have an extensive digital footprint, you need to undertake considerable cybersecurity and protection measures within. In Nigeria, we’ve seen significant growth in the digital economy space.
Quite often, it’s just mobile phones. These systems are highly susceptible to cyberattacks from cybercriminals.
They launch and put malware on the phones. We see SIM swapping between people who share those phones. And that’s the backbone of the African region. It is about moving and transferring money.
TE: In your time at Interpol, did you notice any patterns of cyber criminal operations specifically targeting Nigeria’s financial systems and business sector?
Craig Jones: I don’t think it was uncommon for Nigeria’s financial businesses. It is not peculiar to Nigeria; it’s seen across South East Asia, Europe, Latin America, and South America.
However, as I mentioned earlier, the attack surface has expanded, resulting in an increased number of vulnerabilities. When you have more vulnerabilities, there are more opportunities for criminals to exploit. So, you then have to turn that around and look at your countries.
TE: How do you build out your digital capabilities? How do you ensure you have a competent workforce that can work in different departments to protect those businesses? The report warns of increasing threats like ransomware, phishing, and business email compromise. Which of these threats worries you the most in the African context?
Craig Jones: Look, crime worries me. Those are all types of crimes that are impacting businesses and communities. It’s the harm that it can cause in a healthcare setting, such as shutting down hospitals during a ransomware attack because they can’t access their systems, which can result in harm to people. You look at the impact when a business has to close down.
Quite often, people forget that the business will also serve other companies. Now, those businesses are all interconnected and reliant on each other; the impact is massive. We recently witnessed this in the United Kingdom with the shutdown of Jaguar-Rover.
TE: How are cyber criminal groups in Africa adapting their tactics compared to other regions you’ve worked in?
Craig Jones: I think what we see in Africa now is that these groups are adapting and aligning with each other. Criminals in various countries are forming their own criminal networks. And some of those criminals are actually travelling into Africa to commit their crimes as well.
TE: You previously coordinated cybercrime operations globally for Interpol. How well prepared are African law enforcement agencies to detect, investigate, and prosecute cybercrime?
Craig Jones: In 2019, I attended our working group meeting on cybercrime in Nairobi, and what struck me then was the enthusiasm, but the lack of investment. I went back to the UK and said, ‘Invest in Africa.’ In Rwanda, we had 40 heads of cybercrime, and 50 people were trained on how to prevent cybercrime. We gave them operational, actionable intelligence.
They went and disrupted the cybercriminals. That singular action we took has grown from 114 arrests to 1200 arrests in the most recent operations. We can see growth in terms of capabilities, and Nigeria is a leader in this space. I would like to commend Mr. Uche, who has been actively involved in efforts to tackle cybercrimes.
He started with a shipping container with three people. He now has a purpose-built three-storey building in Abuja.
TE: What role should capacity building and threat intelligence sharing play in improving Africa’s cyber resilience?
Craig Jones: I think they both go hand in hand in addressing the issue of cybercrime. We often discuss capacity building, which involves that type of training, but it’s also about having the technology to connect law enforcement. Interpol’s tools and channels are to be used between Interpol’s 196 member countries, and as I said earlier, that framework is really, really strong. The capability needs to be built out in collaboration with law enforcement and police officers on the ground, but they also require the tools to connect effectively. Once again, significant progress has been made in Africa over the last three to four years.
TE: How can organisations like the Shadow Server Foundation support governments and businesses in Africa to strengthen cybersecurity defences?
Craig Jones: Shadow Server Foundation are, fairly, unique in what they do. What they do is provide information directly to countries about their vulnerabilities, and they offer that information for free. However, Shadow Server is not free to run. So, it is funded, like many things, through donations, project funding, and similar means. However, they often collaborate with the National Cyber Security Centre, so by providing that information to them, the National CERT can help modify and reduce vulnerabilities in the systems and networks that Shadow Server has identified.
TE: The Global Cybersecurity Forum in Riyadh puts Africa’s cybersecurity in the spotlight. What would you like global leaders, businesses, and governments to take away from the discussion about the urgency of Africa’s cyber threat landscape?
Craig Jones: I think this urgency has been there for many years. We’re slowly addressing it, and this is a challenge we have in cybersecurity. It is an urgent matter. It is constantly evolving, and we see the impact it has on our communities. As part of this forum, we have the global thought leaders, but now they’re turning their ideas into tangible actions. It’s an investment.
The money needs to be invested in these countries to help them improve their cybersecurity. However, you also need to make it sustainable. So quite often, money is poured into countries, and then people disappear after two or three years. We need to build this.
We need to make it sustainable. We need to make it sustainable for many years to come. I think that’s a good place to start. I think so.
