Mobile hacking: is Mauritius at risk?

A networking event by American multinational technology and consulting corporation IBM held in Port Louis recently revealed itself to be insightful on the state of mobile insecurity in Africa for Chief Information Officers and Chief IT Security Officers.

Identity theft, fraud and loss of sensitive data have been the most commonly reported technology breaches in Africa. The proliferation of mobile devices has certainly heightened this trend. As a fast-growing economy which has become a technology hub and a transhipment point between Africa and Asia, Mauritius is not immune to those threats.

Speaking with business and technology industry executives during IBM’s Networking Cocktail for Chief Information Officers and Chief IT Security Officers in Port-Louis recently, Hemraj Bootun, IBM’s Security Sales Leader for Central Africa and the Indian Ocean Island Territory, said there are increasingly major security flaws in the way many organizations build and deploy mobile apps for their customers.

As regards Mauritius, it has an advanced and innovative telecom sector. The mobile market of the island, with penetration at 122 %, is migrating increasingly from voice to data services. Furthermore, the country was the first market in sub-Saharan Africa to launch cellular systems in 1989, the first to provide commercial 3G mobile services as from 2004, the first in the world to develop a nationwide WiMAX wireless broadband network in 2005 and one of the first to launch Internet Protocol television (IPTV) services in 2006. 4G services based on Long-Term Evolution (LTE) have also been launched, providing data at up to 100 Mb/s.

Against this interesting background, the IBM executive explained that hackers now take advantage of the popularity of insecure mobile apps, public Wi-Fi networks, and more to break into the highly valuable data often housed on personal tools and gadgets which form part of the bring-your-own-device (BYOD) corporate culture as well as on corporate mobile devices. “They’re also tapping mobile devices as an entry portal into an organization’s broader, highly confidential internal network,” Hemraj Bootun stated.

The IBM executive hinged his comments on the results of a recent study announced earlier this year which revealed that a full 50% of the over 400 large organizations surveyed were found to have devoted zero budget towards mobile security. Also, 33% of companies never test their apps, creating a plethora of entry points to tap into business data via unsecured devices.

The study conducted by the Ponemon Institute and commissioned by IBM revealed that over 50% of companies are at risk of cyber-attacks. Their corporate and BYOD mobile devices are poorly protected against such attacks, opening the door for hackers to easily access user, corporate and customer data. Among the organizations surveyed, 40% are Fortune 500 companies operating in industries which work with highly sensitive data, including financial services, health, the public sector, entertainment and retail.

“Mauritius needs to retain its status as a trade and economic hub and a transhipment point between Africa and Asia,” underlined Yusuf Assenjee, IBM’s Cloud Computing Leader for the sub-Saharan Africa region. “So many foreign institutions rely on Mauritius to also support their trade and economic activities. Companies in Mauritius need to gain multilayer protection against threats while improving audit and compliance reporting”, he added.

Yusuf Assenjee, who also leads IBM business in Mauritius and the Indian Ocean Island Territory, said any business or government department that does not put in place measures to better manage its enterprise security systems stood a good chance of exposing the organization’s affairs, including sensitive corporate and operational information as well as intellectual property, to all manner of threats and breaches.

Across Africa and globally, the number of mobile cyber-security attacks continues to grow. At any given time, malicious code is infecting more than 11.6 million mobile devices. Many organizations in Mauritius and across Africa now say that data theft and cybercrime are the major threats to their reputation. IBM’s enterprise security strategy is differentiated by an analytics-driven approach and the company’s ability to drive a unified security strategy across an enterprise.