Africa needs better online security, experts say

Implementation of DNSSEC and PKI will help

Building trust online remains a big hurdle to fully taking advantage of the Internet in Africa, and at the Africa Domain Name System Forum meeting in Nairobi earlier this month, experts called for more rapid implementation of security mechanisms on the central elements of the Internet infrastructure and recommended the use of DNS security (DNSSEC) extensions to counter the issue.

Kenya's country code Top Level Domain name registry (KENIC) has implemented DNSSEC. Kenya is also one of the few countries whose government has committed to a PKI implementation, which it began work on in March 2013, although the task remains unfinished.

A PKI is a complex undertaking in that it includes not only hardware and software, but also people and procedures to enable the use of digital certificates and public-key encryption. The payoff is a more secure environment where Internet users are able to securely verify that a website or online service is genuine and they have confidence that the online server they are communicating with can be trusted.

Kenya's delays are not for lack of awareness of the issues at stake when the identity of an online server can't be verified. Recently, the Kenyan government placed notices in local newspapers warning users away from a fraudulent site that aimed to swindle the public by masquerading as the legitimate, which offers micro-financing to qualified applicants. The copycat site was trying to take a fee from loan applicants.

At the meeting, co-organized by the Internet Society, ICANN and the AFTLD, Internet Society's Chief Internet Technology Officer Olaf Kolkman spoke of the need for deployment of DNSSEC, saying that trust in the Internet needs to be protected in order for adoption to increase. DNSSEC is a set of extensions to the Domain Name System which authenticate and verify certain data for DNS clients and can complement PKI, he said. For its part, "The PKI architecture has some vulnerabilities that the Internet Engineering community is trying to fix, one of those fixes involves having deployed DNSSEC. By combining DNSSEC and PKI you can increase your confidence that you are communicating with a genuine online service," he said, adding that it helps governments protect citizens' online communication.

Collins Oduor, IT Security Manager at iLabAfrica, Strathmore University Nairobi, concurs that implementing the PKI is crucial for Internet security.

"PKI is an effective mechanism that can be implemented to protect sensitive information from malicious attackers," he said. But other security initiatives need to be implemented alongside it. "We all know that it's impossible to achieve 100 percent security. Some of challenges with PKI implementation are not directly linked to the technologies used but to human errors or carelessness," he said.

Speakers at the meeting urged governments in Africa to take online security much more seriously, as increasing use of the Internet is a catalyst for economic activity.

Kenya is looking to implement various e-government initiatives that will include citizen participation. One of the state sites,, is getting a great deal of activity, with over 400,000 Kenyans applying for and renewing various official documents online. The government also plans to add the ability to make more than 100 kinds of payments online, so security is crucial.

The Kenyan government should focus on raising citizens' awareness about online risk, Oduor said. "The more enlightened the people are, the less they are likely to become victims of attacks such as phishing," he added.

Join the CSO newsletter!

Error: Please check your email address.

Tags ICANNsecurityInternet Societyinternet

More about ICANNIT SecurityTechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Vince Matinde

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place