5/28/2019 Synthesis Essay - Google Docs

Magesh 1

Amrit Magesh

Ms. Curtin

Independent Research I G/T

17 May 2019

Cybersecurity Limitations in Developing Nations

In April 2014, news broke that a well-known group, titled Anonymous, decided to

conduct DDoS attacks on the Boston Children’s Hospital which resulted in many outages,

inability to access the network that tracked information of medical patients, and hundreds of

thousands in financial loss to respond to the damage of the attack (CIS Control 2017). The

intruder who conducted these attacks was charged and found guilty within a year. In Ghana, the

weak bureaucracy and limited police force make it difficult to enforce any initiatives or

legislative proposals taken by the government or catch any cyber criminals at all (Garson 2013).

Different countries can respond to these problems in a variety of ways, but the inability of third

world countries to manage cybersecurity makes these problems more concerning. Countries must

cooperate economically and set aside political differences to prevent these increasing cyber

crime rates internationally. In order to reduce increasing cybercrime rates, effective cybersecurity

in developing countries can be improved by an internationally funded and run protocol that

registers many countries and with more government risk management in third-world countries to

create programs that track, manage, and discipline cybercriminals.

Lack of attention, awareness, and preparedness for the field of cybersecurity in different

countries correlates to the increase in cyber threats, emphasizing the necessity for consensus.

One pressing issue is the lack of careers in cybersecurity related fields which highlights the

https://docs.google.com/document/d/1dd0PRtOuqgvcifGWLS8QePUbxIfHYNucGLvnY6jLdo4/edit 1/10
5/28/2019 Synthesis Essay - Google Docs

Magesh 2

insufficient efforts of countries to subsidize cybercrime. Specifically, in the US, 300,000

cybersecurity positions within public and private subdivisions were unreserved for eleven

months (Cimpanu 2018). These jobs can potentially be removed due to their economic burdens .

This can promote future security threats which suggests the lack of regulatory policy to address

this issue. Furthermore, unlike developed nations, developing nations struggle to find skilled

cybersecurity specialists within their country (Morgus 2018). This can be associated with the

lack of education on the topic of cybersecurity and may encourage countries to reach outside

experts who can have profit motives that promote inefficient or ineffective spending. Ultimately,

this suggests that lack of preparedness may show reason to develop a standard protocol.

Another pressing issue is the increased inability of developing countries to maintain

effective cybersecurity policy. This emphasizes the increased threat of cybercrime and the

necessity of consensus internationally as some countries face disadvantages in capturing cyber

criminals due to its infrastructure. For example, Nigeria currently lacks the regulatory policies to

capture all the financial fraud within a certain scope (Ezeoha 2006). Nigeria’s local banks

improperly enforce internet protocols that align with international policies for electronic banking,

funding for banking laws, and increasing awareness and education. Moreover, West African

countries have a history of intense election related crimes and dictators that make it difficult in

passing legislation. For instance, violence ensues after demonstrations of political oppositions

and media/hate speech are rampant making public opinion insignificant and politically charged

(Human Rights Watch 2018). If nothing is done on improving effectiveness, cybercrime will

continue to be rampant. In addition to effectiveness, cybercrime continues to find its efforts

cheap and profitable in developing nations while cybersecurity maintenance has been expensive

https://docs.google.com/document/d/1dd0PRtOuqgvcifGWLS8QePUbxIfHYNucGLvnY6jLdo4/edit 2/10
5/28/2019 Synthesis Essay - Google Docs

Magesh 3

and flawed (Fischer 2016). This gives an idea to developing nations that the costs are not worth

the benefits and that future cybersecurity needs cannot be predicted. Following the unappealing

idea of funding cybersecurity efforts, lack of consensus among the researchers in various

developing countries promotes a political gridlock (Fischer 2016). This will prevent future

advances and slow production of effective policy which is critical because cybersecurity has

distinct implications among different organizations in different sectors.

After decreased ability for maintenance over time, there is a tendency of the public in

developing countries to see cybersecurity as merely an unimportant issue. Developing countries

may find that there are many more concerning issues in the present. For example, some

institutions may believe that other costs, such as housing, food, education, or health, outweigh

the necessity of cybersecurity costs such as West African countries and the HIV/AIDS epidemic

(Morgus 2018). Ultimately, these other pressing issues tend to sidecast funding for cybersecurity

and diminish the security of the nation. Furthermore, there is a gap between what the

stakeholders believe in and the public thinks. Unclear instructions and communication between

the two groups can limit progress especially if people tend to resist change in the public sector.

For instance, ICT Frame states that if a phone company wants to update their version to remove

bugs or other malware, people are inclined to delaying the update (Adhikari 2017). This suggests

that developing countries are wasting their time, effort, and money. Another example supporting

the idea that people ignore or do not help advance initiatives made by stakeholders is when

mobile device security goes unnoticed at times even in developed nations. Only 14% of the US

population actually reports cases of fraud or scams against them (Glennon 2018). This is

significant because the federal government budget for cybersecurity amounted to 15 billion over

https://docs.google.com/document/d/1dd0PRtOuqgvcifGWLS8QePUbxIfHYNucGLvnY6jLdo4/edit 3/10
5/28/2019 Synthesis Essay - Google Docs

Magesh 4

70 different agencies (Glennon 2018). If money is carelessly spent without a clear objective, the

money will be wasted and create a larger federal deficit. After some time, lack of preparation,

maintenance, or awareness to the field of cybersecurity can harm regular functions of societies.

Without an adequate protocol, cybercrime will continue to deteriorate common day

activities and peace in developing nations. An example today is that cybercrime freely

manipulates and instigates election related predicaments. It can suppress voter turnout with a

false report of long lines, inconvenience, or gun violence in a certain polling place (Uchill 2018).

Additionally, there is a lack of security with current voting machines: optical scan machines and

direct-recording election machines (Johnson 2018). Democracy, political activism, and election

results will be constantly manipulated and twisted, altering society and politics significantly, if

initiatives are not taken.

In addition to its negative implication on politics, increasing access to the internet creates

new online sectors that are subject to a variety of hacks. One sector is social media, which is

susceptible to scams, phony updates, or phishing applications. Cybercriminals can install

malwares through unknown links, surveys, contacts online, or doubtful advertisements to

promote beliefs to victims (Cooper 2017). Another sector is the concern with online

transactions. Despite its market and popularity exponentially increasing each year, cybercrime

may devalue e-commerce in the society and economy today (Khurana 2019). Known as identity

theft, the website or host that is used for e-commerce may appear to be genuine, but, realistically,

it could be misleading and intended to steal credit card or personal information regarding an

address, phone number, or date of birth in order to benefit themselves (Admin 2015). In the long

run, electronic trackers (cookies) pick up on data when people shop online making it harder to

https://docs.google.com/document/d/1dd0PRtOuqgvcifGWLS8QePUbxIfHYNucGLvnY6jLdo4/edit 4/10
5/28/2019 Synthesis Essay - Google Docs

Magesh 5

avoid its harmful effects (Khurana 2019). Some harmful effects of the cookies are that it can be

used to unwillingly suggest advertisements, send spam email, or even retain credit card

information deceivingly. Ultimately, the lack of cybersecurity devalues the interest around

ecommerce and can slow the efficiency of any digitized economy today.

Lastly, the healthcare industry is a primary target for medical information because, unlike

other organizations, it does not make enough protocols for cybersecurity duties which increases

the risk for different types of attacks. One attack that cybercriminals share is ransomware: a

software that forces an amount of money to be paid or otherwise risk the malware to publish

sensitive, personal and financial information online (Kruse 2018). Another type are DDoS

attacks: a method that hackers may use to infiltrate and congest a network until it has lost its

functionality (Kartch 2016). When these DDoS attacks on a Boston Children’s Hospital occured

in April 2014, the hospital ended up spending “more than $300,000 responding to and mitigating

the damage from this [ddos] attack” (Cisecurity 2017). The increasing amount of DDoS attacks

and ransomware is especially concerning as government sponsored entitlement programs,

medicare and medicaid, account for a majority of the federal budget. As mentioned earlier,

wastage of federal spending seems to be a trend in cybersecurity initiatives which indicates that

the money is being used inefficiently. Moreover, the exertion of money and time to protect

healthcare systems seems to be introduced only after an attack has concluded which signifies that

there is a lack of attention to the field unless there is a clear and present danger. Therefore, to 

prevent  breaches  of  modern  day  activities  before  it  actually  happens,  developing  nations  can 

model off of universal ideas or protocols to retain policies. 

https://docs.google.com/document/d/1dd0PRtOuqgvcifGWLS8QePUbxIfHYNucGLvnY6jLdo4/edit 5/10
5/28/2019 Synthesis Essay - Google Docs

Magesh 6

Developing nations can model off of successful and secured protocols from the United

States to advance cybersecurity. Federal programs enacted in the United States are an effective

way to transmit ideas to an international protocol because of their organization, specific

oversight and law enforcement. One part of a protocol may address roles to secure public trust as

the Congressional Research Service Agency which has a directive  laying  out  of  how  the  US 

federal  government  will  respond  to  both  government  and  private-sector  cybersecurity  incidents 

(Fischer  2016).  The agency’s efforts have been to immediate federal spending, legislative action,

and executive action in favor of cybersecurity (Fischer 2016). The Congressional Research

Service, which is known to be a highly factual source that many academics, businesses, judges,

or policy advocates use, is influential in politics and can sway public opinion about the necessity

of cybersecurity in a nation. In addition to addressing and setting the platform of the issue, a

protocol may adopt the use of public sector and majoritarian federal institutions in federally

mandated programs in the US to address cybercrime. For example, the Department of Homeland

Security accentuates different solutions in combating cybercrime by creating federal law

enforcement agencies to regulate cybersecurity: the U.S. Immigration and Customs Enforcement

(ICE) focuses on ensuring investigations into crimes are valid; the U.S. Secret Service Agency

creates task forces that find and arrest cyber criminals for data breaches, bank frauds, or other

related deeds; the Law Enforcement Cyber Incident Reporting provides information for local law

enforcement on how to share and report cybercrime (DHS 2018). This step shows that

prioritizing recruitment and retention of workers is a vital step of ensuring that the investigations

are effective. Finally, developing nations can model off of the oversight of the workforce from

the Federal Bureau of Investigations (FBI). The FBI recommends keeping workers informed on

https://docs.google.com/document/d/1dd0PRtOuqgvcifGWLS8QePUbxIfHYNucGLvnY6jLdo4/edit 6/10
5/28/2019 Synthesis Essay - Google Docs

Magesh 7

ransomware and containing it through efficient firewalls, path operating systems, or other

softwares and frequently backing up data that is not connected to the main computer servers (FBI

2018). A well structured bureaucracy is a significant step in designing effective cybersecurity

policy because it finds effective methods of security to model off of.

In addition to modeling off of successful US programs, developing nations can model off

of other international organizations or foreign constituencies. For example, the Australian

Cybercrime Online Reporting Network (ACORN) restrictions and regulations on content in

Australia may be a valuable use because it predicts and prevents tactics hackers may use to

exploit countries with weak cybersecurity. Identity theft, phishing, providing personal

information through junk mail, phone calls, or messages occur most often within developing

nations (Admin 2015). Also, there may be phishing scams intended to access money and commit

criminal activity (KnowBe4). ACORN has placed restrictions and regulations on online content,

dismissing anything that depicts sexual content or informs people through videos online to

conduct cybercrime (Admin 2015). Strict regulation and restriction can be something modeled

off of in protocols made by developing nations. Developing nations may even be able to involve

and cooperate in global programmes on cybercrime such as the United Nations Office on Drugs

and Crime (Agustina diaz-Rhein 2019). If these countries are unable to maintain their own

protocols, cooperating in international protocols supports members states in financially poor

countries. Enforcing  legislation  and  protocols  will  ensure  effective  cybersecurity  under  the  help 

of many countries. 

Cybersecurity has been historically misinterpreted in many nations across the world;

however, it has become more of an apparent need in the last two decades due to the increase in

https://docs.google.com/document/d/1dd0PRtOuqgvcifGWLS8QePUbxIfHYNucGLvnY6jLdo4/edit 7/10
5/28/2019 Synthesis Essay - Google Docs

Magesh 8

technological output and usage. It is difficult to measure whether or not developing countries are

willing to contribute to this field, but recent complications, unemployment, lack of an effective

protocol, and deterioration of commonday activities, indicate so. It is important to invest in the

field of cybersecurity today to reduce the effects of cybercrime in the future.

 
 

https://docs.google.com/document/d/1dd0PRtOuqgvcifGWLS8QePUbxIfHYNucGLvnY6jLdo4/edit 8/10
5/28/2019 Synthesis Essay - Google Docs

Magesh 9

Works Cited

Adhikari, Chiranjibi. “CyberSecurity Challenges in Developing Countries.” ICT Frame

Technology, 9 Nov. 2017, ictframe.com/cybersecurity-challenges-in-developing-
countries/.

Admin. “Prohibited Offensive and Illegal Content.” ACORN - Australian Cybercrime Online
Reporting Network, ACORN, 22 Dec. 2015, www.acorn.gov.au/learn-about-cybercrime/
prohibited-offensive-and-illegal-content.

Agustina.diaz-Rhein. “United Nations Office on Drugs and Crime.” Global Programme on

Cybercrime, www.unodc.org/unodc/en/cybercrime/global-programme-cybercrime.html.

Cimpanu, Caitlin. "US Lawmakers Introduce Bill to Fight Cybersecurity Workforce Shortage."
ZDNet, 17 Sept. 2018, www.zdnet.com/article/us-lawmakers-introduce-bill-to-
fight-cybersecurity-workforce-shortage/.Accessed 3 Oct. 2018.

“DDoS Attacks: In the Healthcare Sector.” CIS Control 20: Penetration Tests and Red Team
Exercises, 24 Apr. 2017, www.cisecurity.org/blog/ddos-attacks-in-the-healthcare-sector/.

DHS. “Combating Cyber Crime.” Department of Homeland Security, 20 Nov. 2018,

www.dhs.gov/cisa/combating-cyber-crime.

Garson, Philippa. “Cybercriminals Find Wonderland in Developing Countries.”

OpenDemocracy, 10 Dec. 2013, www.opendemocracy.net/opensecurity/philippa-garson/
Cybercriminals-find-wonderland-in-developing-countries.

Glennon, Lorraine. "Tracking down the Crooks." Consumer Reports, vol. 83, p. 32. MasterFILE
Premier, http://bit.ly/2yQYmsE. Accessed 24 Oct. 2018. Excerpt originally published in
Consumer Reports.

Ezeoha, Abel Ebeh. “Regulating Internet Banking In Nigeria: Some Success Prescriptions– Part
2.” Journal of Internet Banking and Commerce, Apr. 2006, www.icommercecentral.com
/open-access/regulating-internet-banking-in-nigeria-some-success-prescriptions-part-1-12
.pdf.

“Cyber Crime.” FBI, FBI, 26 Sept. 2018, www.fbi.gov/investigate/cyber.

Fischer, Eric A. “Cybersecurity Issues and Challenges: In Brief.” Federation of America

Scientists, 12 Aug. 2016, fas.org/sgp/crs/misc/R43831.pdf.

“Guinea: Ensure Security Forces Show Restraint.” Human Rights Watch, 29 Mar. 2018,
www.hrw.org/news/2018/03/29/guinea-ensure-security-forces-show-restraint.

https://docs.google.com/document/d/1dd0PRtOuqgvcifGWLS8QePUbxIfHYNucGLvnY6jLdo4/edit 9/10
5/28/2019 Synthesis Essay - Google Docs

Magesh 10

Johnson, Neil. “The Real Crisis of US Election Security.” TrustTheVote, 11 Oct. 2018,
trustthevote.org/blog/2018/10/11/the-crisis-of-us-election-security/.

Kumar, Abhineet. “Norton Reveals The Shocking Scale of Cyber Crime in Asia.” Tech in Asia -
Connecting Asia's Startup Ecosystem, 12 Sept. 2011, www.techinasia.com/cyber-
crime-asia.

Kartch, Rachel. “Distributed Denial of Service Attacks: Four Best Practices for Prevention and
Response.” SEI Insights, 21 Nov. 2016, insights.sei.cmu.edu/sei_blog/2016/11/distrib
uted-denial-of-service-attacks-four-best-practices-for-prevention-and-response.html.

KnowBe4. “What Is Phishing?” Phishing, www.phishing.org/what-is-phishing.

Morgus, Robert. “Getting the International Development Community to Care About Cyber
Security.” Council on Foreign Relations, Council on Foreign Relations, 7 May
2018, www.cfr.org/blog/getting-international-development-community-care-about-
Cybersecurity.

https://docs.google.com/document/d/1dd0PRtOuqgvcifGWLS8QePUbxIfHYNucGLvnY6jLdo4/edit 10/10