When American president, George W. Bush signed a new law prohibiting the posting of annoying Web messages or sending annoying e-mail messages without the disclosure of real identity, it rubbed some quarters the wrong way. That was just a pointer on how annoying the anonymous nature of the Internet can be when allowed to go overboard. If such a law was applied to Africa, major attacks on corporate websites could be a thing of the past. Two months ago, hackers successfully attacked Information Technology (IT) systems of a leading mobile operator in Kenya and a local Bank defacing their websites with annoying messages that could take anyone to jail.

In part, the new law in the US read: "Whoever...utilizes any device or software that can be used to originate telecommunications or other types of communications that are transmitted, in whole or in part, by the Internet... without disclosing his identity and with intent to annoy, abuse, threaten, or harass any person...who receives the communications...shall be fined under title 18 or imprisoned not more than two years, or both."

Most countries in Africa have no specific law relating to the Internet especially in events such as hacking, exposing businesses to attack. At the moment, businesses based in Africa must be vigilant and ensure that their security is up to date to avoid falling prey to cyber attacks fuelled by lack of stringent laws.

Internal Sabotage can cost your company

A cyber attack can happen from internal sabotage by disgruntled employees or external contractors who are familiar with the configuration of a company’s system security or when a company has announced major milestones in its operations. Much of the tools used in hacking are freely available on the Internet and are able to crack passwords that hackers use to access ones system. Sometimes hackers use programs such as spy-ware to monitor everything that a company does stealing important files for malicious reasons.

The effects of hacking attacks

The effects of hacking attacks may come in several ways. For example, clients and other stakeholders lose faith in ones business if they perceive that important information and data is kept on unsecured servers. Vital business information may be sold to one’s competitors.

Adopt system security that work

Priority should be given to system security needs that make a company less vulnerable to attacks. A company should constantly monitor its Internet security to avoid surprise attacks. It’s also important to create a company policy that will control sharing of vital information within an organisation. To prevent unauthorised access to sensitive information, shred or lock up sensitive data that is no longer needed by the company. Last but not least, make use of difficult to guess passwords, anti-spy and firewall tools that prevent unauthorized access to your computer.