As Ghana continues to embrace the digital era with its growing internet penetration and technology adoption, the risk of cyber threats has surged significantly. The Ghanaian Cyber Security Authority (CSA) often highlights the urgent need for robust cybersecurity measures. Cybercriminals have become increasingly sophisticated, targeting individuals, businesses, and government institutions.
These threats pose substantial risks to data privacy, financial stability, and national security. To counteract this growing menace, it is imperative for Ghanaians to adopt specific cybersecurity measures, such as implementing multi-factor authentication (MFA) and strong passwords, which can significantly reduce the vulnerability to cyberattacks.
The Cyber Risk Landscape in Ghana
Ghana’s rapid digitization has led to an expanded attack surface for cybercriminals. The CSA reports that the top-five most reported incidents include online fraud, unauthorised access to protected systems, online blackmail, online impersonation, and publication of non-consensual intimate images. These cybercriminals often employ phishing emails and messages to deceive users into revealing sensitive information, such as login credentials or financial details.
Mitigating Cyber Risks with Multi-Factor Authentication (MFA)
Given the escalating cyber risks, implementing Multi-Factor Authentication is a crucial step for Ghana’s cybersecurity strategy. MFA adds an extra layer of protection to traditional username-password login methods. The data from Gitnux shows that MFA can prevent up to 99.9% of automated attacks, reduce phishing attempts by 75%, and decrease unauthorised access rates by 56%.
Promoting MFA adoption across various sectors in Ghana is essential. Many platforms enable MFA but witness a low adoption of the best practice, hence some of them are moving a step further into enforcement to require users to enable MFA. The banking sector, in particular, has recognized the significance of MFA in safeguarding customers’ financial data. The Cyber & Information SSafeguarding Ghanaian Cyberspaceecurity Directive issued in October 2018 by the Bank of Ghana already urged institutions to enforce MFA solutions on mobile applications to protect their customers’ accounts from unauthorised access.
Promoting Cyber Security Awareness – CISAB Vigilance First Campaign
The CISAB Vigilance First Campaign focuses on raising awareness and enhancing implementation of strong passwords and MFA solutions. In 2022, the campaign trained over 220 people in the use of MFA. Participants were mostly aged between 25 and 35 years old and were educated and comfortable with the use of technology. 60% reported using the same passwords for their online accounts and clicking on links or attachments without verifying the link. Following the training however, 42% of the participants implemented the MFA solutions presented by CISAB and available in the GCA Cybersecurity Toolkit on their online accounts.
While these results show that the majority of participants understood MFA and how to implement it, it also shows the need to explore how to increase awareness on strong passwords, password managers, and phishing with tailored advice to the targeted audience. Implementing MFA is a significant step towards enhancing an individual’s online security. However, using the same passwords for multiple online accounts, even with MFA in place, can still pose serious risks. When a password is compromised, it weakens the effectiveness of the additional authentication factors. For example, if an attacker gains access to your email account using the shared passwords and your email account serves as the recovery email for other accounts, they could potentially reset passwords and take control of those accounts without triggering MFA. Therefore, there is a need to find innovative ways to trigger the implementation of strong and unique passwords.
As Ghana continues its digital transformation journey, the risk of cyber threats looms large and implementing basic but effective cybersecurity measures like multi-factor authentication and strong and unique passwords can significantly reduce the risk of cyberattacks. A tremendous amount of work has been done in ensuring a safer and more secure digital environment for all Ghanaians by the various stakeholders, including CISAB Ghana, but there is still a tremendous amount of hard work that needs to be done in realisation of a safer cyberspace for everyone. By embracing these cybersecurity best practices and fostering a culture of awareness, Ghana can better protect its citizens, businesses, and institutions from the growing menace of cyber threats.
(Published in French @Africa Cybersecurity Magazine) Protéger le Cyberespace Ghanéen : La puissance de l’authentification multifactorielle et des mots de passe forts