By Jacob Mutisi
Imagine you are a victim of cyber fraud or a cyber attack or even a virus attack in Zimbabwe, where are you going to report it?
Zimbabwe does not have a centre where one can report a cyber crime and there are no laws at this moment in place to protect the ordinary citizen.
It is time the Zimbabwe Republic Police (ZRP) got a solid understanding of what cyber crimes are and set up a cyber unit at each of its 400-plus police stations dotted around the country.
Zimbabwe is a cashless society with 96% of its transactions being executed through the internet meaning the criminals have now moved from the streets onto cyberspace.
With our law enforcement agencies not having the structures to report serious financial cyber crimes and the skills to investigate these crimes, most businesses are not reporting cybercrime. In Zimbabwe, organisations are not compelled to report security incidents such as data breaches to regulators, therefore, the statistics provided are never accurate.
The other reason behind the lack of will to report is, many organisations are faced with the simple question of: “What is the point?”
In Zimbabwe it is notoriously difficult to identify the threat actors, especially when attacks come from abroad.
Zimbabwe’s law enforcement agencies do not have the skills or the capacity to help restore cyber financial operations or prevent stolen data switching hands.
Organisations are reluctant to report serious financial cyber crimes because of the time and the expenses that it might require, and the perception that it is not likely to result in recovery of whatever is lost to the business.
Sometimes, the primary reason would be that the incident does not justify the time and expense of getting law enforcement involved and is better handled internally. Besides doing nothing, some organisations fear that getting the Zimbabwe Republic Police involved may disrupt business operations further as they look to investigate incidents.
Most organisations do not report cyber crimes because they worry that reporting an incident would lead to it becoming public knowledge thereby damaging the reputation of the organisation.
Above all these challenges, there is a need for Zimbabwe to have a cyber unit at all police stations which should be managed by well-trained cyber police officers, equipped with the technology to fight modern day criminals. Zimbabwe needs to have cyber security helplines similar to the old emergency number 999 linked directly to all our financial institutions, mobile money service providers and the Reserve Bank of Zimbabwe to be used either to report a cyber crime or inform of any latest cyber activities.
Zimbabwe does not need to reinvent the wheel; it can copy and paste the US method. If one is a victim of cyber crime in the US, he/she can file a complaint with the Internet Crime Complaint Centre (IC3) on www.ic3.gov. IC3 is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Centre (NW3C). They then investigate and do all the processes required until the individual is apprehended.
- Mutisi is the CEO of Hansole Investments (Pvt) Ltd and the current chairperson of Zimbabwe Information & Communication Technology, a division of Zimbabwe Institution of Engineers.