At least two international organizations have warned that Botswana’s 2024 general elections may be marred by deep-fakes.
A “deep-fake” is a sophisticated digital forgery of an image, sound, or video. The forgery may be so good that a human is unlikely to detect the manipulation. The goal is to mislead and deceive, making it appear as though a person has said or done something when that is not the case. Supported by advances in artificial intelligence, deep-fakes have proliferated across the internet as the technology becomes less expensive and more accessible.
The 2023 World Economic Forum (WEF) Global Risks Report which was produced to highlight risks at the national and global levels lists failure of cyber-security measures among the top five threats that Botswana should be on the lookout for in 2023 and 2024.
According to the report, widespread cyber-crime and cyber insecurity also pose a major risk, including cyber-espionage and increasingly sophisticated cyber-crime, loss of privacy, and data fraud or theft. Cyber-attacks are getting more complex and costly all the time. In 2021, cyber criminals attacked the Motor Vehicle Accident Fund (MVA) network systems resulting in them offering clients manual services. With general elections planned for 2024 in Botswana, some experts are urging the country to strengthen cyber security measures to prevent online disinformation operations that exploit election campaigns and voters’ digital presence.
The KnowBe4 2023 African Cyberthreat Report has also raised an alarm about Botswana’s dangerously low cyber risk awareness ahead of the 2024 elections. The report was cited in an article under the headline: Deep-fakes worrying threat to democracy in Africa.
The article made reference to a report two weeks ago which revealed that, an Israeli firm called “Team Jorge” by an investigating team of journalists under Forbidden Stories was exposed for allegedly hacking, sabotaging, and spreading disinformation in at least 30 elections around the world, with 60% of those in Africa.
Some of the targets mentioned by “Team Jorge” to Forbidden Stories were two aides working in the campaign team of Kenya’s William Ruto who became president in August last year.
The KnowBe4 2023 African Cyberthreat Report is based on a survey conducted across Botswana, Egypt, Ghana, Kenya, Morocco, Mauritius, Nigeria and South Africa.
The report revealed that one out of every three employees is likely to click on a suspicious link or e-mail, or even comply with a fraudulent request.
So in a landscape dominated by mobile transactions and connections, the risk of crypto scams, social engineering attacks, ransomware and phishing remains consistently high.
“Digital device use, digital skills and connectivity were a priority for the survey to fully understand how devices are used, the perception of risk, and the applications most used on these devices,” says Anna Collard, SVP of content strategy & evangelist at KnowBe4 Africa.
“It found that WhatsApp is used extensively in Africa for work, more so than in other developed countries, and yet there is a lack of corporate advice and awareness around the risks.”
The report highlights that African businesses and internet users remain uninformed about how to mitigate cyber threats, which leaves them vulnerable.
It found that lack of awareness or training (52%) and distractions and multitasking (38%) are the main reasons for employees making security mistakes.
Furthermore, 43% of respondents were unable to correctly identify common cyber security threats such as ransomware.
The senior vice president of Content Strategy and Evangelist at KnowBe4 Africa, Anna Collard, noted WhatsApp messages from friends or colleagues were the most trusted among respondents, despite the fact they could be deep-fakes.
“It is also important to note that nearly 67% of respondents would trust a message from a friend or legitimate contact on WhatsApp or a direct message while 43% would trust a video, 42% an email and 39% a voice note.
“Any one of these could be a fake that the trusted contact did not recognize or their account was hacked,” she said.
