International Journal of Cyber Research and Education

Volume 2 • Issue 1 • January-June 2020

The Effectiveness of Cyber

Security Frameworks in Combating
Terrorism in Zimbabwe
Jeffrey Kurebwa, Bindura University of Science Education, Bindura, Zimbabwe
https://orcid.org/0000-0002-8371-8055
Eunice Magumise, Bindura University of Science Education, Bindura, Zimbabwe

ABSTRACT

This study investigated the effectiveness of Zimbabwe’s cyber security frameworks in combating
terrorism. Media reports and scholarly evidence have constantly shown that cybercrime has led to loss of
life, money, security, damage to property. There is a lot of concern among citizens of African countries
such as Zimbabwe, Kenya, and Nigeria that their governments are not equipped with effective cyber
security systems to combat these cyber threats. It is on the basis of these concerns that this study was
carried out with the hope of helping to close policy and knowledge gaps affecting the effectiveness of the
cyber security frameworks of Zimbabwe. The study used qualitative methodology and a case study
research design was utilised. The study was conducted in Harare the capital city of Zimbabwe. Key
informant interviews and documentary search were used to collect data. Among the findings of the study
were that cyber fraud and theft are some of the significant cyber security threats in Zimbabwe; that
Zimbabwe lacks established legislation and other regulatory institutions for cyber-security. Among the
recommendations are; that the Ministry of Justice, Legal and Parliamentary Affairs enacts cyber security
laws in Zimbabwe to combat cyber terrorism.

KEywoRdS
Cyber Criminals, Cyber Security, Cyber Terrorism, Zimbabwe

INTRodUCTIoN

There has been a paradoxical increase of cyber security threats that have accompanied the
improvement, usefulness and sophistication of cyber domains and information technology.
Mckinnon (2016) argues that the need for comprehensive cyber security measures has grown
exponentially in modern day. Ibrugger (2009) suggests that in the United States of America (USA),
cyber-space has become a potent instrument through which crime and terrorism are committed.
Bowen and Mace (2009) report that cyber related crime and terrorism have contributed to the loss
of US$46 billion worth of infrastructure, capital and other resources as well as over 5000 lives in the
USA since the year 2000. Mckinnon (2016) reports that no less than 200 child pornography rings
that had insidious cyber domains were apprehended in EU countries between 2000 and 2010.
Ibrugger (2009) suggests that another form of cyber threats has been that ransom ware, which
is a type of malware that involves an attacker locking the victim’s computer system files, typically
through encryption, and demanding a payment to decrypt and unlock them. Mckinnon (2016) posits

DOI: 10.4018/IJCRE.2020010101

Copyright © 2020, IGI Global. Copying or distributing in print or electronic forms without written permission of IGI Global is prohibited.

1
International Journal of Cyber Research and Education
Volume 2 • Issue 1 • January-June 2020

that malware has also been targeted at individuals, companies and government
institutions and is whereby any file or program used to harm a computer user, such as
worms, computer viruses, Trojan horses and spyware.
According to Mckinnon (2016), cyber threats in developing countries have been underreported
but have been just as severe and even more devastating. Bowen and Mace (2009) posit that cyber
criminals and terrorists view Africa in particular as a soft target as there has not been much
investment in comprehensive cyber security measures and resources on the continent. According
to Mckinnon (2016), terrorist organisations such as Boko Haram and Al Qaeda, human traffickers,
cyber fraud syndicates and military insurgents have exploited the internet to inflict harm on citizens
in such countries as Algeria, Burundi, Congo, Sudan, Ethiopia, Eritrea, Djibouti, Somalia, Kenya,
Uganda, Tanzania, Nigeria, Rwanda, and others have seen an increase in recent years. The
United Nations (UN 2016) reports that the internet has been exploited in crimes and violence that
has led to the loss of over 200 000 lives on the African continent between 2010 and 2015.
Mckinnon (2016), the cyber security measures in the USA and Europe are guided by well-
established policy and legislation, state of the art equipment, coordination with private firms and trained
personnel. However, suggests that the same cannot be said of Africa. Mckinnon (2016) posits that a
robust cyber security framework requires cyber security governance and oversight; cyber security risk
management programme; cyber resilience assessment; cyber security operational resilience; metrics,
monitoring and reporting, and compliance with statutory and regulatory requirements.
Ochab (2017) reports that only 9 out of 52 countries in Africa had by the year 2017 established
a comprehensive national cyber-security framework. Ochab (2017) also reports that this is despite
the fact that 44 of those countries have a considerable cyber dependency in critical infrastructure,
banking, law enforcement and national defense. Elu and Price (2015) assert that a lack of robust
cyber security on the African continent has led to the flourish of radical extremist terrorism in the
21st century. According to Berri (2017), the recent terror attack by al Shabaab in the port city of
Barawe in southern Somalia, a suicide bomb attack by Boko Haram in Maiduguri in Niger, and an
attack on a military post in Mali by an al Qaeda-linked terror group have brought the focus back on
terrorism in the African continent. Berri (2017) further posits that over the years, terrorism has
become the most important challenge to peace, security and development in Africa.

LITERATURE REVIEw ANd THEoRETICAL FRAMEwoRK

The study is guided by the space transition theory.

The Space Transition Theory
The space transition theory was developed by Jaishankar (2008) to specifically analyze and explain
cyber criminology after the inadequacies of related and derivative theories such as Kohlberg’s moral
development theory, Cohen’s strain theory and Skinner’s social learning theory. According to
Karupannan (2008), the space transition theory views the emergence of cyber space as the new locus of
criminal activity and explains the causation of crimes in the cyber space. According to Jaishankar (2008),
the space transition theory is premised on seven propositions that is; i) Persons with repressed criminal
behaviour (in the physical space) have a propensity to commit crime in cyberspace, which, otherwise
they would not commit in physical space, due to their status and position; ii) Identity flexibility, anonymity
and lack of deterrence factor in cyberspace provides the offenders the choice to commit cyber-crime.; iii)
Criminal behaviour of offenders in cyberspace is likely to be imported to physical space which, in physical
space may be exported to cyberspace as well; iv) Intermittent ventures of offenders in to the cyberspace
and dynamic spatio-temporal nature of cyberspace provide the chance to escape; v) Strangers are likely
to unite in cyberspace to commit crime in the physical space and that associations of physical space are
likely to commit crime in cyberspace; vi) Persons from closed society are more likely to commit crimes in
cyberspace than persons from open society;

2
 International Journal of Cyber Research and Education
Volume 2 • Issue 1 • January-June 2020

vii) The conflict of norms of physical space with the norms and values of cyberspace may
lead to cyberspace.
Nature of Cyber Threats
The issue of cyber-crime is one that has been discussed by many people with various
perspectives on the issue, most coming at it from different sides than the others. Cyber-
crimes have gone beyond conventional crimes and now have threatening ramifications to
the national security of all countries, even to technologically developed countries as the
United States. Most cyber threats fall into the following broad categories.

Cyber-Fraud and Theft

According to Mckinnon (2016), from business, industry, government to not-for-profit
organizations, the internet has simplified business processes such as sorting, summarizing,
coding, editing, customized and generic report generation in a real-time processing mode.
Ibrugger (2009) suggests however, it has also brought unintended consequences such as
criminal activities, spamming, credit card frauds, ATM frauds, phishing, identity theft and a
blossoming haven for cybercriminal miscreants to perpetrate their insidious acts.
According to Bowen and Mace (2009) there are several reasons or motivations behind cyber-
attacks, it could be for the fun of it, the challenge, hacktivism and many more, but majority of the time it is
because of the money involved. Bobert (2017) posits that 2017 saw many cyber criminals make use of
cryptocurrencies because of its anonymous nature of payments. 2017 also saw increased adoption of
cryptocurrency as the combined market share for cryptocurrencies surged past the valuation of major
banks across the world. Bowen and Mace (2009) assert that several people now see cryptocurrency as
an investment opportunity to make profit while some have lost their fortune. Mckinnon (2016) asserts that
as it is normal for criminals to follow the money, cryptocurrency is not left out. Cyber criminals are
operating at every phase of the cryptocurrency ecosystem. According to Ibrugger (2009), the most
common attacks is on cryptocurrency exchanges (an exchange just like the Stock Exchange which
allows buying or selling using different currencies) by flooding the exchanges with requests so that it
becomes unusable in other to swing the value of the currencies.
According to Ochab (2017), another area is compromising of user systems in order for the criminals
to add to their mining botnets, that is, group of comprised systems that are used for mining. Mining in this
context is using a computer to solve a mathematical problem which is a process required to generate a
cryptocurrency). Lastly, there are several cryptocurrencies (over 1300) and several exchanges where
they could be traded, this increases the chances for newbies or unsuspecting people to be tricked into
investing in a fake cryptocurrency (good old social engineering). Ibrugger (2009) argues that the above-
mentioned trends are expected to continue in 2018 as interest in cryptocurrency continue to dominate the
headlines. Individuals and organizations should seek counsel from professionals as they tread this new
path. This study determined whether cyber-fraud and theft were some of the cyber threats that Zimbabwe
and Nigeria were vulnerable to.

Ransomware
According to Mckinnon (2016) ransomware became lucrative business for cyber criminals in 2017
especially since the code / malicious program could easily be bought online by anyone and used to
render an organization or any target captive. Bowen and Mace (2009) assert that ransomware was the
fastest growing security threat in 2017 as evidenced in several reports. Not only were there more attacks
on more businesses demanding more money, but the level of sophistication in distributing ransomware
also expanded. Ibrugger (2009) assert that these happened despite several warnings that people should
not give in and pay the ransom to attackers so as not to encourage them to continue. There were cases
where the data that could be lost if the targeted organization / victim did not pay up was very vital to the
existence of the organization, hence the victims had to give in and negotiate

3
International Journal of Cyber Research and Education
Volume 2 • Issue 1 • January-June 2020

with the criminals. Mckinnon (2016) posits that unfortunately this trend is expected to continue
in the New Year given the relative ease with which the attack could be set up and the attacker
could quickly cash in. It is also expected that ransomware in 2018 would start to target other
platforms apart from computers; majority of the attacks in the past were on systems running
windows operating systems, but it is expected that there would be a shift and focus would also
be on mobile devices especially those running on the Android platform. According to Bobert
(2017) prevention of ransomware attacks is possible only if individuals and organizations
would follow some of the most basic cyber security practices.

Hacking and Identity Theft

According to Mckinnon (2016), hackers make use of the weaknesses and loopholes in operating
systems to destroy data and steal important information from victim’s computer. Mckinnon (2016)
suggests that it is normally done through the use of a backdoor program installed on your machine.
A lot of hackers also try to gain access to resources through the use of password hacking software.
Hackers can also monitor what u do on your computer and can also import files on your computer.
Ibrugger (2009) posits that a hacker could install several programs on to your system without your
knowledge. Such programs could also be used to steal personal information such as passwords
and credit card information. According to Ochab (2017), important data of a company can also be
hacked to get the secret information of the future plans of the company. Bobert (2017) opines that
identity Theft, Credit Card Theft, Fraudulent Electronic Mails (Phishing): Phishing is an act of
sending an e-mail to a user falsely claiming to be an established legitimate enterprise in order to
scam the user into surrendering private information that will be used for identity theft.

Malware, Spamming and Viruses

Ochab (2017) asserts that viruses and worms is a very major threat to normal users and
companies. Mckinnon (2016) posits that viruses are computer programs that are designed to
damage computers. It is named virus because it spreads from one computer to another like a
biological virus. According to Ibrugger (2009), virus must be attached to some other program or
documents through which it enters the computer. A worm usually exploits loopholes in software or
the operating systems. Trojan horse is dicey. It appears to do one thing but does something else.
McKinnon (2016) argues that the system may accept it as one thing. Upon execution, it may
release a virus, worm or logic bomb. A logic bomb is an attack triggered by an event, like computer
clock reaching a certain date. Ibrugger (2009) reports that the Chernobyl and Melissa viruses are
the recent examples. Experts estimate that the Mydoom worm infected approximately a quarter-
million computers in a single day in January 2004. Back in March 1999, the Melissa virus was so
powerful that it forced Microsoft and a number of other very large companies to completely turn off
their e-mail systems until the virus could be contained. Bobert (2017) posits that spamming–
involves mass amounts of email being sent in order to promote and advertise products and
websites. According to Bowen and Mace (2009), Email spam is becoming a serious issue amongst
businesses, due to the cost overhead it causes not only in regard to bandwidth consumption but
also to the amount of time spent downloading/ eliminating spam mail. Mckinnon (2016) suggests
that spammers are also devising increasingly advanced techniques to avoid spam filters, such as
permutation of the emails contents and use of imagery that cannot be detected by spam filters.

Cyber Threats from Religious Terrorism

A form of cyber threat that has emerged in the 21 st century is the exploitation of the internet by many
affiliate groups and cells linked to religion-based terrorism, particularly that of a radical Islamist nature.
According to Agin (2016), Muslim fundamentalists have risen in what they term a Jihad or holy war
against Western circular and Christian ideology and practice. Asserts that Islamic fundamentalist terrorist
groups have manifested in the form of Al Qaeda that is widely believed to have orchestrated

4
 International Journal of Cyber Research and Education
Volume 2 • Issue 1 • January-June 2020

the September 11 2001 attacks in New York in the United States of America (USA). Dowdeswell
(2017) posits also that Islamic terrorists have also form ISIS mostly found in the Middle East and
Boko mostly found in West Africa. According to the Institute of Economics and Peace (IEP 2017)
radical Islamic fundamentalism has contributed a significant amount of the global terrorism that is
experienced in modern day. According to Bobert (2017), there were 2,415 terrorist incidents in Iraq
in 2015, causing 6,960 deaths and 11,900 injuries. The death toll was actually 30% lower than in
2014, but it still means that Iraq suffered more from terrorism than any other country. Agin (2016)
asserts that in Afghanistan in 2015 there were 1,715 terrorist incidents, which caused 5,312 deaths
and 6,249 injuries. The deadliest came in September 2015, when Taliban forces stormed a prison
in Kunduz in the north of the country, resulting in 240 deaths. Denning (2016), in Pakistan, some
1,086 people still lost their lives and 1,337 were injured in the 1,008 incidents recorded in 2015 and
the deadliest group is the Islamic fundamentalist group Tehrik-i-Taliban, which was responsible for
36% of the deaths in 2018.

Cyber-Crime and Trafficking

Ibrügger (2017) posits that criminal terrorists and cyber criminals have exploited the internet for
trafficking. Mckinnon (2016) suggests that cyber-crime and terrorism has also occurred as part of human
and drug trafficking and pornography circulation. It consists of terrorists acts used to aid in crime and
criminal profit. According to Ochab (2017), the United Nations International Children’s Fund (UNICEF)
estimates that there are around 21 million trafficked people around the world each year. Ochab (2017)
further reports that this includes about 5.5 million children and that human trafficking is a crime that is
gendered, meaning that the primary victims are women and girls. Ochab (2017) also notes that the
United Nations Office on Drugs and Crime’s report Global Report on Trafficking in Persons 2016 reports
that women constitute 51% of trafficked persons, men 21%, girls 20%, and boys 8%. The International
Organization for Migration (IOM 2016) estimates that up to 800,000 people on average, are trafficked
across international borders each year. According to IOM (2016), over 800 000 suffer an assault to their
human security in one form or the other due to human trafficking. The United Nations Office on Drugs
and Crime (UNODC) Global Report on Trafficking in Persons (2016), reports that 45 per cent of victims
are trafficked within the same sub-region while 27 per cent are trafficked within the same country and 24
per cent across different regions.

Use of Internet by Cyber Criminals

Cyber criminals and terrorists utilize the internet in various ways and for various
purposes. According to Mckinnon (2016), Western governments have intensified
surveillance of such sites but their prosecution of site operators is hampered by concerns
over civil liberties, the Internet’s inherent anonymity, and other factors. CECPT (2015)
observed that cyber criminals and terrorists utilise the internet for the following purposes.

Indoctrination
According to Agin (2016), cyber criminals and terrorists use the internet to indoctrinate people and
potential sympathizers with propaganda. The number of terrorist sites on the internet increased
exponentially over the last decade, from less than 100 to more than 4,800 two years ago. CECPT (2015)
asserts that in the case of al-Qaeda, hundreds of sister sites have been promulgated but only a handful
are considered active. OICCIT (2017) asserts that the Internet is a powerful tool for terrorists, who use
online message boards and chat rooms to share information, coordinate attacks, spread propaganda,
raise funds, and recruit. Terrorist sites include the official sites of designated terrorist organizations, as
well as the sites of supporters, sympathizers, and fans. Agin (2016) opines that the most effective way in
which terrorists use the Internet is the spread of propaganda, as for example, Abu Musab al-Zarqawi’s al-
Qaeda cell in Iraq has proven particularly adept in its use of the web, garnering attention by posting
footage of roadside bombings, the decapitation of American hostage

5
International Journal of Cyber Research and Education
Volume 2 • Issue 1 • January-June 2020

Nick Berg, and kidnapped Egyptian and Algerian diplomats prior to their execution. According to
Dowdeswell (2017), In Iraq, experts say terrorist propaganda videos are viewed by a large portion of
society, not just those who sympathize with terrorists and insurgents. This research determined whether
terrorist groups utilise the internet to indoctrinate Zimbabweans and Nigerians with propaganda,
message boards and sympathetic websites with the view of gaining recruits, fans and sympathizers.

Fundraising
According to ASEAN (2017), online cyber criminals and terrorists fundraising has become so
commonplace that some organizations are able to accept donations via the popular online payment
service PayPal. Furthermore, Agin (2016) asserts that the networks of different terrorist cells retain a
certain camadarie and brothers in arms kind of relationship and therefore they usually pull resources
together to sponsor some activities that they would have been made aware of on the internet. Mckinnon
(2016) posits that such terrorist cells as the Al Qaeda in Iraq and Afghanistan as well Boko Haram in
West Africa have claimed territories that are rich in oil and they use that wealth to sponsor terrorist
activities even those that do not occur where they reside but through the internet they can insure that
funds are transferred to other areas such as Yemen, Syria, Lebanon, West Africa, the Sudan or Pakistan.
CECPT (2015) also found that fund-raising for illicit and terrorist activities is done through direct
solicitation, e-commerce and the exploitation of online payment tools. Ibrügger (2017) opines that direct
solicitation includes the use of websites, chat groups, mass mailings and targeted communications to
request donations from supporters. Websites can be used as online stores, offering books, audio and
video recordings and other items to supporters. This research determines whether or not terrorists have
utilized the internet to fund raise so as to sponsor their training and attacks in a manner that sis similar to
that described in this section.

Recruitment
Dowdeswell (2017) is of the view that cyber criminals and terrorist sites also host messages and
propaganda videos which help to raise morale and further the expansion of recruitment and
fundraising networks. According to Ibrügger (2017), Al-Qaeda’s media arm, As-Sahab, is among
the most visible. But an entire network of jihadist media outfits has sprung up in recent years. The
Internet also provides a global pool of potential recruits and donors. Agin (2016) opines that the
Internet is also used to develop support networks and relationships to solicit material and moral
support. Terrorist organizations use password-protected websites and restricted access Internet
chat groups for clandestine recruitment. ASEAN (2017) asserts that the reach of the Internet
provides terrorist organizations and sympathizers with a global pool of potential recruits. Restricted
access cyber forums offer a venue to exchange notes and refine strategies and tactics. The use of
technological barriers to access recruitment platforms has increased the complexity of tracking
terror-related activity. This study investigated whether recruitment had been one of the purposes for
which terrorist groups have utilised the internet in Zimbabwe and Nigeria.

Training
Agin (2016) asserts that cyber-criminal syndicate and terrorist websites can serve as virtual training
grounds, offering tutorials on building bombs, firing surface-to-air missiles, shooting at soldiers, and
sneaking into Iraq from abroad. Mckinnon (2016) posits that terrorist organisations also communicate
new training strategies over the internet and coordinate training manuals in internet chat rooms and
encrypted messages over social media. Bobert (2017) suggests that terrorist groups also utilize the
internet to establish new training bases particularly in places where there is porous security and conflict is
already a common phenomenon such as the Sudan, Somalia, Lebanon, Yemen and Syria.

6
 International Journal of Cyber Research and Education
Volume 2 • Issue 1 • January-June 2020

Planning
Bobert (2017) asserts that usually the attacks that are carried out by cyber criminals and terrorist
groups hold a significance in meaning to them. ASEAN (2017) posits that the amount of casualty,
the setting and the day are important to terrorists as they believe that all this detail contributes to
the impact of their attack on the targeted community. According to Agin (2016), normally the
instructions of how an attack is to be executed usually come from high up. OICCIT (2017) suggests
that in the case of a suicide attack, the identification of the attacker that is to sacrifice themselves,
the venue, the day and the weaponry are usually coordinated by members of the terrorist cell that
the attacker themselves might not even meet in person but is communicated with over the internet.
According to ASEAN (2017), the 9/11 attackers were in constant contact with co-
conspirators that were in America and those in Afghanistan during the fortnight before the
attack. They coordinated plans of flight lessons, how and when the American flight system
was most vulnerable, who would hijack which plane and on which day. This study established
whether there are terrorist groups that have utilised the internet to plan terrorist activities in
Zimbabwe and Nigeria and to what extent these have been successful.

Spying and Surveying

Cyber criminals and terrorists have developed sophisticated encryption tools and creative
techniques that make the Internet an efficient and relatively secure means of correspondence.
According to OICCIT (2017), these include steganography, a technique used to hide messages in
graphic files, and dead dropping: transmitting information through saved email drafts in an online
email account accessible to anyone with the password. Al-Qaeda operatives are known to have
taken training in hacking techniques, Western governments have accused state and non-state
actors of infiltrating secure networks, including an alleged breach of a Pentagon system by Chinese
hackers in June 2007. According to ASEAN (2017), this ability to have an anonymous or hidden
presence on the internet enables the terrorists to spy and surveil potential targets and victims. This
study established whether terrorist groups and individuals in Zimbabwe and Nigeria utilized the
internet for spying and surveillance in their planned attacks in a way that is similar to that described
in this section or whether it differed.

Coordination
According to Mckinnon (2016), cyber criminals and terrorist groups also utilize the internet to
coordinate their attacks, training and recruitment particularly in areas such as Africa, the Middle
East and some parts of Europe and Asia were the internet surveillance and cyber security system
are not quite developed. Agin (2016) posits that most of the terrorist attacks that have occurred on
European and American soil have usually involved an attacker or attackers that had previously
travelled to the Middle East from their original countries after having networked with terrorist cells
over the internet. Bobert (2017) suggests that the bombers at the Boston Marathon had travelled
form their native Chechnya to Afghanistan weeks before mounting an attack on the Boston
Marathon victims. CECPT (2015) posits that at times terrorists coordinate attacks that occur on the
same day but in different territories by utilizing their communication on the internet. This research
determined whether or not terrorists in Zimbabwe and Nigeria utilized the internet to coordinate
their activities in a manner that is similar to that described in this section.

Travelling
ASEAN (2017) posits that regardless of the high amount of risk of getting captured or to the success of
their missions terrorists usually utilize the internet to make travelling arrangements, that is, to book flights
and other forms of transport. According to Agin (2016), the cyber-criminal and terrorist groups also
usually utilize the internet to make bookings of accommodation in the areas that they

7
International Journal of Cyber Research and Education
Volume 2 • Issue 1 • January-June 2020

plan to carry out the attacks. Dowdeswell (2017) observed that the 9/11 hijackers rarely used cash
and made frequent online purchases and payments. Agin (2016) motes that terrorists also utilize
internet tools to surveil the areas to which they will travel either for training purposes of to launch
attacks. Denning (2016) is of the view that the terrorists study the transport and security systems of
the areas, the terrain, the most populated areas and the radar system so as to choose the best
means of travel that would render them undetectable. This study established whether or not
terrorists utilized the internet to make travelling arrangements in Zimbabwe and Nigeria.

determinants of the Effectiveness of Cyber Security Systems in Curbing Terrorism

According to Mckinnon (2016), the tragic events of September 11, 2001, changed the landscape
and perception of global terrorism. Agin (2016) asserts that terrorist activity continues to be a major
challenge for policymakers in both developed and developing countries. Africa has been
increasingly recognized as a region warranting special counterterrorism attention. The
determinants of an effective cyber security framework are outlined below.

Level of Cyber Dependency

According to Agin (2016), the level of cyber dependency of a country or community usually
determines the level of cyber security that is necessary for that particular setting. Mudondo (2017)
Posits that contrary to popular opinion, cyber dependency is not the percentage of households with
a broadband connection or the number of people who have smartphones, but the degree to which
the critical infrastructure (electricity, railways supply chains) dependent on the network systems.
Thus, a state which is largely dependent on the systems in cyberspace has greater challenges in
the creation of a national cyber defense. ASEAN (2017) asserts that the extent to which critical
infrastructure is connect to the internet should guide the government and private tech companies
on the level of cyber security measures that should be taken.
Agin (2016) asserts that access to the country’s transport and communication network would
be extremely helpful to terrorist groups and this would live entire countries and large segments of
communities vulnerable to terrorist groups. Sophisticated and updated monitoring and surveillance
tools as well as firewalls to protect against cyber intrusion should therefore be put in place. This
study determined whether or not the level of cyber dependency has affected the effectiveness of
cyber security frameworks in curbing terrorism in Zimbabwe and Nigeria.

Technical Knowledge and Sophistication of Cyber Programs and Software

ASEAN (2017) suggests that there has to be a high level of technical, legal and political expertise
in crafting an effective cyber security framework. Cyber security covers the entirety of security
measures that could be taken to defend against these attacks. According to Mckinnon (2016), the
spectacular increase in the sophistication and intensity of cyber-attacks has, in recent years, led
most developed countries to toughen their resilience and adopt national cyber security strategies.
Ibrügger (2017) observes that new destructive practices are developing in cyber space, including
criminal use of the Internet (cyber-crime), including for terrorist purposes; large-scale propagation
of false information; espionage for political or economic ends; and attacks on critical infrastructure
(transport, energy, communication, etc.) for the purposes of sabotage.
Agin (2016) asserts that competent cyber security frameworks have to be able to identify
cyber machinations coming from both State or non-State groups as these cyber-attacks: know
no border or distance; are difficult to attribute: it is very hard to formally identify the true
culprits, who are often acting under the cover of unwitting relays (botnets) or intermediaries
(proxies) and; can be carried out with relative ease, with little cost or risk for the attacker.
CECPT (2015) asserts that they aim to jeopardize the smooth functioning of communication
and information systems (CIS) used by citizens, businesses and administrations, and even
the physical integrity of infrastructure that is crucial to national security.

8
 International Journal of Cyber Research and Education
Volume 2 • Issue 1 • January-June 2020

ASEAN (2017) observes that with the National Cyber Security Strategy, the French State is
working to ensure the security of IT systems to move towards a collective response, towards the
digital trust required for the stability of the State, economic development and the protection of
citizens. Many players contribute to the efficacy of this strategy from technical and operational
standpoints. According to Agin (2016), created in 2009, the French Network and Information
Security Agency (ANSSI) is the French national authority on cyber security. The authority is a
genuine firefighter of French cyberspace, it is responsible for preventing, including from a
normative perspective and reacting to IT incidents regarding sensitive institutions. Agin (2016)
argues that it also organizes crisis management exercises on a national level. ANSSI currently has
over 500 staff members and continues to grow. Agin (2016) opines that the French Ministry of
Defense has a dual mission to ensure the protection of the networks which underpin its action and
to integrate digital warfare into military operations. In order to consolidate the Ministry’s work in this
field, a cyber defense operational chain of command (COMCYBER), placed under the orders of the
Armed Forces Chief of Staff, was created in early 2017. This study established whether the Cyber
security frameworks of Zimbabwe and Nigeria were comprehensive and characterized by technical
and institutional sophistication like that of France or other established frameworks.

Ownership and Control of Internet Domains

According to Bobert (2017), the extent to which the Government and private companies and individual
users of the internet have a control over the reach of the internet is also important to the nature of cyber
security frameworks that can be set up and how effective they will be. OICCIT (2017) asserts that in
China, the networks that make up their Internet infrastructure are under the control of the government.
The Chinese government has the power and means to shut down the Chinese portion of the Internet
from the rest of the world, which it would very likely do in case of a conflict with the USA. Agin (2016)
argues that on the other hand, the USA has no plans or the capacity to do so, because their cyber
connections are largely privately owned. China may limit the use of cyberspace in a crisis, refusing
access to certain users. According to Mckinnon (2016), the USA cannot do it. North Korea has high
scores when it comes to the defense and low dependence on the network infrastructure. Namely, that
country may terminate its limited connections with cyberspace in an easier and more effective way than
China. Agin (2016) asserts that North Korea has few systems that are dependent on cyberspace that a
large cyber-attack on its systems would have a minimal effect.

Legal Framework
Dowdeswell (2017) posits that a comprehensive legal framework is necessary for a
cyber-security framework to be effective. According to Agin (2016), if governments and
groups are held responsible for the cyber misdeeds of companies and organizations
within their areas of influence, a lot of irresponsible activity can be curtailed. Denning
(2016) opines that this can in the long run engender trust. It is therefore important to lay
down precisely the responsibilities of the governments and their national organizations to
behave in cyber-space in accordance with the international and national legislations.
Denning (2016) asserts that one major problem associated with cyber-attacks is that of attribution. It
is very difficult to assign responsibility to the perpetrator of a malicious activity either technically or at a
human level. Yet it is not entirely impossible to investigate cyber-attacks forensically and assign
responsibility. Agin (2016) suggests that one way of making attribution easier is by declaring the
geographic location of known IP addresses. Exchanging such information among groups, on regular
basis, can help reduce cyber mistrust. Cybercrime is one area, where groups can collaborate without
agitating the domestic hawks. Bobert (2017) posits that a legislative agreement to jointly tackle
cybercrime can cover broad range of issues like harmonizing laws covering cybercrime like online theft.
Social issues like child pornography and human trafficking already find mention in law manuals.
According to Ibrügger (2017), drawing inspiration from the International Humanitarian Law (IHL),

9
International Journal of Cyber Research and Education
Volume 2 • Issue 1 • January-June 2020

Rule 80 of the Tallinn Manual recommends that: In order to avoid the release of dangerous forces
and consequent severe losses among the civilian population, particular care must be taken during
cyberattacks against works and installations containing dangerous forces, namely dams, dykes,
and nuclear electrical generating stations, as well as installations located in their vicinity.

RESEARCH dESIGN ANd METHodoLoGy

This study used qualitative methodology, while a case study research design was utilised.
Data was collected using key informant interviews and documentary search. Purposive
sampling and snowball sampling methods were used to identify key participants. The key
informant participants were drawn from the Ministry of Information Communication and
Technology, Ministry of Justice, Legal and Parliamentary Affairs, Zimbabwe Republic Police
(ZRP) and computer experts. These participants were identified because of their expert
knowledge in cyber terrorism and are responsible for implementing laws in Zimbabwe.

dISCUSSIoN oF FINdINGS

The findings of this study are based on the field work carried out with key participants in
Harare the capital city of Zimbabwe.
Causes of Cyber-Crime in Zimbabwe
The respondents suggested that three main factors influence or cause cyber-crime in
both Zimbabwe and Nigeria and these are: socio-economic deprivation; religious
indoctrination, ease of cyber-crime and entertainment.

Socio-Economic Deprivation
Most of the respondents suggested that the most prominent cause of cyber-crime in Zimbabwe is
socio economic deprivation characterised by high unemployment, low income, rising cost of living
and limited investment opportunities. The respondents shared the consensus that in the two
countries most of the cyber-crime was perpetrated by the youth that were exposed to limited socio-
economic opportunities yet the cost of living was ever rising. It was the respondents’ common
assertion that the perpetrators of urban crime often do so to gain some form of income.
A high-ranking officer in the ZRP indicated that:

Most cyber-criminal intend to steal money or data that could be used to gain some income one way
or the other. The cyber-criminals obviously have some IT skill and knowledge that could be utilised
to earn a living in a legal way but because there are limited job opportunities they resort to crime.

A high ranking official in the Ministry of Justice Legal and Parliamentary Affairs in
Zimbabwe had this to say:

Most Cyber-crime in Zimbabwe like in many parts of the world often has a financial
motive. It is only opine form of the crimes that result from limited socio-economic
opportunities which sadly are prevalent in the Zimbabwean economy.

The study has established therefore that socio economic deprivation is a significant cause of
cyber-crime in Zimbabwe. The study determined that most of the cyber-criminals are drawn to that
crime because they are unemployed, earn very low incomes and lack access to basic goods and
services because of poverty. This is similar to the views of Ibrugger (2009 and Mckinnon (2016)

10
 International Journal of Cyber Research and Education
Volume 2 • Issue 1 • January-June 2020

who suggested that most cyber-crimes have a financial element to it and are often
perpetrated by individuals and syndicates that feel they are not presented with adequate
socio-economic opportunities in their communities.

Ease of Cyber Crime

All the Zimbabwean respondents suggested that the ease, anonymity and lack of adequate cyber-crime
law enforcement have all converged to cause the rise of cyber-crime. The respondents suggested that
cyber-criminals found it easy to orchestrate cyber-crime remotely from many locations and anonymously.
The respondents also suggested that this often occurred in an unmitigated way as law enforcement in
both countries often could not match the skill of cyber-criminals.
A computer expert in Zimbabwe had this to say:

Most cyber criminals are encouraged by the fact that cyber-crime can be perpetrated
from the comfort of one’s home and anywhere far away from the victim of the crime.

Another computer expert in Zimbabwe mentioned that:

The anonymity associated with cyber-crime is also another factor that has caused more
people with even basic IT knowledge to engage in that nature of crime as they know how
to not leave a digital footprint in their crimes.

The study established from the responses therefore that the ease of cyber-crime had caused
an increase in the crimes. The study determined that the ability of cyber-criminals to orchestrate
crime remotely from far away locations without requiring to travel, organise or mobilise many
resources made the cyber-criminals feel that such crime was easy. Furthermore, the study
determined that the difficulty in detecting the source of these crimes encouraged more cyber-
criminals to commit the crimes. This finding is similar to the views of Mckinnon (2016), who
suggested that increased sophistication of technology works more to the advantage of cyber-
criminals than cyber-security officers as the cyber-criminals often have more technological skills
and knowledge than law enforcement making it easy for them to commit crime.

Entertainment
Most of the respondents also suggested that cyber-criminals also commit crime so as to entertain
themselves. The respondents suggested that many hackers are in the trade for the fun of it and to
outdo each other without any real financial or material gain but pride and enjoyment.
A high-ranking officer in the ZRP mentioned that:

Many cyber-criminals in Zimbabwe also commit crime because they gain pleasure from
sabotaging others such as through leaking private Emails, Whatsapp chats and so on.

The study established therefore that one of the significant causes of cyber-crime is
just entertainment and the enjoyment that cyber-criminals get from their crimes. This is a
finding unlike any that was discovered in the review of related literature.
Forms of Cyber Security and Terrorism Threats in Zimbabwe
Respondents suggested that the common and prominent cyber security and terrorism
threats that confronted Zimbabwe were cyber fraud and identity theft.

11
International Journal of Cyber Research and Education
Volume 2 • Issue 1 • January-June 2020

Cyber Fraud
All the Zimbabwean respondents suggested that cyber fraud particularly concerning the transfer of funds
from one bank or financial account to the other was one of the most typical cyber threat that occurred in
Zimbabwe. The respondents suggested that many Zimbabweans are lured into the deception due to
desperation brought on by the difficult economic conditions. The respondents suggested that in most
cases citizens are lured with job or academic scholarship prospects in foreign countries. Respondents
also suggested that at times Zimbabweans are lured with promises of rewarding investments particularly
in crypto currency and they are asked to make a deposit. Respondents suggested that after having made
the payment, the victims never hear from the fraudsters again.
A senior police officer with the ZRP said:

Cyber fraud inflicted on Zimbabweans usually involves people from neighbouring

countries who form syndicates with other local people to help them commit the offence.
Many such cases of this nature are continually being reported as people come to report
about transactions they would have made online which fail to be fruitful, and where the
deceivers will have disappeared without fulfilling their end of the bargain.

A computer expert in Zimbabwe said:

Often Zimbabweans that will have been coned on line discover that whenever they try to make
follow-ups of the occurrences, the entities, individuals or companies would have never existed to
begin with. When law enforcement and intelligence agencies intervene and call other countries to
investigate such issues, it is often discovered that the companies would have been using ghost or
fake social media accounts and websites create sorely for the purposes of committing fraud.

The responses are supported by secondary data as the Ministry of Information, Communication,
Technology and Courier Services published on its website the vast forms of cyber fraud and
vulnerabilities that Zimbabweans were exposed to. Many of them were alluded to by the key informants.

Identify Theft
Most of the Zimbabwean and Nigerian respondents suggested that one of the prominent forms of cyber
threats in Zimbabwe is that of identity theft. The respondents suggested that at times the cyber-crime
syndicates are not after money but the identity details of an existing person so as to exploit these in other
crimes. The respondents suggested that usually these syndicates establish a fake website that purports
to give online work such as entering codes of online ads with the promise of providing some reward. The
respondents noted however, that these websites often require that the individual provide all their
information including full names, country of origin, bank details, phone numbers, Emails, social media
accounts and so on. The respondents suggested that the websites often require too that the individual
sign up several of their friends to the website only to find out after completing all the tasks that there is no
reward at all but identity theft will have occurred.
A computer expert in Zimbabwe said:

Identity theft is a lucrative business in certain parts of the world. Most of the time the
stolen identity is exploited without any repercussions to the individual from whom the
identity is stolen but sometimes when the individual has some money in the bank account
of accounts this may be used by the identity thieves.

A senior officer in the ZRP said:

12
 International Journal of Cyber Research and Education
Volume 2 • Issue 1 • January-June 2020

Developing countries in the Sub-Sahara are considered as obscure countries where

identity theft can occur without much detection and often that is true as a lot of people fall
victim to these deceptive tendencies. Often most Zimbabweans are saved by the fact
they rarely have savings in their bank accounts and that the banking sector in Zimbabwe
is not yet as advanced as permitting access to accounts from outside the country.

Features of the Cyber Security Framework in Zimbabwe

Respondents revealed that there are gaps in the cyber security framework in Zimbabwe
that include the lack of robust policy and legislation, a lack of government coordination of
cyber security, the absence of a national cyber security strategy that reconciles the
initiatives of all domestic stakeholders in the private and public sector. The study also
established that due to this gap there had been an increase in cyber-crime and increased
vulnerability due to Zimbabwe’ cyber dependency as is discussed in greater detail below.

A Lack of Legislation in Zimbabwe

All the Zimbabwean respondents suggested that the country lacked a comprehensive legislation on
cyber security as the policy if cyber security in Zimbabwe was at the time research was conducted
a bill tabled before parliament. Respondents suggested that there was no robust government policy
or strategic measure for comprehensive cyber security. Respondents suggested too that there was
no government institution that was specifically assigned to cyber security and that government was
in no way coordination cyber security institutions and policy in the country.
An official from the Ministry of Justice said:

In Zimbabwe there is currently no comprehensive policy or national strategy that

reconciles and mobilises institutions, resources and legislation for cyber security.
Different government departments such as the army, the police and the Ministry of
information all have some cyber security function that they incorporate in their day to day
activity but this is not reinforced by specific government policy or coordination.

The study established from the responses and secondary data that one of the aspects making
the cyber security framework in Zimbabwe ineffective is the lack of established legislation and other
regulatory framework that would be the basis of good practices and compliance to ethical use of
cyber domains. The need for comprehensive policy and legislation was stressed by Dowdeswell
(2017) who posits that a comprehensive legal framework is necessary for a cyber-security
framework to be effective. The lack of legislation is also in contrast to Agin (2016) views as he
stresses that, if governments and groups are held responsible for the cyber misdeeds of companies
and organizations within their areas of influence, a lot of irresponsible activity can be curtailed.

Fragmented and Private Cyber Security Companies in Zimbabwe

All the respondents suggested that cyber security in Zimbabwe is mainly offered to individuals
and companies by private cyber security companies that have not been mobilised into a
collective national cyber security framework. Respondents suggested that the effectiveness of
these companies to provide cyber security to individuals and companies is dependent on the
depth of the individual company’s technical knowledge and expertise as well as resources.
One respondent argued that:

There is no Government Department that pools together all cyber security resources and
institutions in a single national cyber security strategy. A national cyber security bill was
only tabled before the Zimbabwe parliament in January of this year and is still a bill to be
deliberated upon and eventually passed into law.
13
International Journal of Cyber Research and Education
Volume 2 • Issue 1 • January-June 2020

The study has established from responses and secondary data that in Zimbabwe there is no
reconciliation of cyber security institutions and resources into a single cyber security framework but
there are fragments of private cyber security service providers whose effectiveness is dependent
on their various levels of technical expertise and resource adequacy. The lack of coordination and
cooperation is in contrast to the views of ASEAN (2017) who suggest that there has to be a high
level of coordination in the technical, legal and political expertise in crafting an effective cyber
security framework. Cyber security covers the entirety of security measures that could be taken to
defend against these attacks. The findings also contradict Mckinnon (2016)’s view that the
spectacular increase in the sophistication and intensity of cyber-attacks has, in recent years, led
most developed countries to toughen their resilience and adopt national cyber security strategies.

Rising Cyber-Crime in Zimbabwe

All the Zimbabwean respondents suggested that the limited cyber security measure being deployed
in Zimbabwe has led to rising frequency of cyber-crime. The respondents suggested that both
institutions and private internet users have fallen victim to cyber-crime in Zimbabwe. The
respondents suggested that online accounts have been hacked and private images and videos
leaked. Respondents suggested that bank fraud has been committed. The respondents also
suggested that many computers, phones and ICT networks have been infected with malware and
many files lost. The respondents also suggest that there have been incidents of identity theft where
mostly private internet users have been asked to provide their personal information, including
banking details in the pretence that they will receive a reward of some kind in return.
An official from the Ministry of ICT said:

What is particularly concerning is that in the absence of comprehensive cyber security laws
and strategies it is difficult for the police to detect, apprehend and charge offenders. Most
cyber-crimes therefore usually go on unabated and no justice is brought for the victims.

The study established from responses and secondary data that there is unmitigated rise
in cyber-crime as there is a vacuum in the place of a comprehensive national cyber security
framework. The study has also established that because there is no robust legislation,
government coordination or specific department set aside specifically for cyber security in
Zimbabwe, Zimbabweans remain vulnerable to cyber-crime and terrorism. When the cyber
security framework is ineffective there tends to be an increase in cyber-crime as is posited by
Ibrügger (2017) posits that criminal terrorists and cyber criminals have increasingly exploited
the internet for trafficking. Mckinnon (2016) suggests that cyber-crime and terrorism has also
occurred as part of human and drug trafficking and pornography circulation.

CoNCLUSIoN

The study concluded that cyber fraud and theft are the most common and significant cyber security
vulnerabilities and threats that confront Zimbabwean citizens, companies and communities. These
findings are similar to the view of Mckinnon (2016) and Ibrugger (2009). The study also concluded
that identity theft is one of the significant cyber security threats that Zimbabweans are confronted
with. The study concluded too that cyber criminals pretend to be who they are not with fake social
media accounts and lure Zimbabwean internet users into providing their personal and private
information by making promises of job or education opportunities. These findings also support the
views of Mckinnon (2016) and Ibrugger (2009). Another conclusion of the research was that while
malware and computer viruses often find themselves to many computers in Zimbabwe, most of this

14
 International Journal of Cyber Research and Education
Volume 2 • Issue 1 • January-June 2020

is not perpetrated by malicious cyber criminals or terrorists. These findings differ

somewhat from the views of Ochab (2017) and Mckinnon (2016).
The study found that cyber criminals utilise the internet through the spread of malware, hacking and
religious indoctrination. Furthermore, while the respondents suggested that hacking is also a cyber-crime
that occurs in both Zimbabwe and Nigeria, it was more harmful in Nigeria that has a significantly higher
cyber-dependency than Zimbabwe. The respondents also suggested however that Nigeria was beset by
a significantly higher frequency and types of cyber security and terrorism threats than Zimbabwe. These
findings are similar to the views of Ochab (2017) who asserts that cyber criminals may spread viruses
and worms which are a very major threat to normal users and companies. The findings also relate to
Bowen and Mace (2009) who as shown in literature suggest that hacking is a common cyber-crime in
most countries and is occurring at an increasing rate as the hackers gain more experience and
proficiency. Furthermore Agin (2016)’s view that cyber criminals and terrorists use the internet to
indoctrinate people and potential sympathizers with propaganda.
The study established that in Zimbabwe in particular there lacked established legislation and
other regulatory framework that would be the basis of good practices and compliance to ethical use
of cyber domains. The study also that the cyber-attacks in Nigeria had actually increased in the one
year that there has been a comprehensive cyber security framework. This would suggest that that
the framework is not yet effective in curbing cyber-crime and terrorism. However, the study
established too that the lack of effectiveness was not due to a limitation in quality and quantity of
resources and personnel but mainly due to the short time that the framework has been in
existence. These views support the views of Ibrügger (2017) posits that criminal terrorists and
cyber criminals have increasingly exploited the internet for trafficking. The need for comprehensive
policy and legislation was stressed by Dowdeswell (2017). The lack of legislation is also in contrast
to Agin (2016)’s views. Another conclusion was that in Zimbabwe there is no reconciliation of cyber
security institutions and resources into a single cyber security framework but there are fragments of
private cyber security service providers whose effectiveness is dependent on their various levels of
technical expertise and resource adequacy. The lack of coordination and cooperation is in contrast
to the views of ASEAN (2017). The findings also contradict Mckinnon (2016)’s views. The study
also concluded that there is unmitigated rise in cyber-crime as there is a vacuum in the place of a
comprehensive national cyber security framework. When the cyber security framework is ineffective
there tends to be an increase in cyber-crime as is posited by Ibrügger (2017) and Mckinnon (2016).

15
International Journal of Cyber Research and Education
Volume 2 • Issue 1 • January-June 2020

REFERENCES

Berri, K. (2017). Background Check International. Information Technology/Cyber Security

Solutions. New York: SAGE.
Bobert, E. O. (2017). Cyber Security, Terrorism and Regional Cooperation. Proceedings of the DBI/George Mason
University Conference on Cyber Security holding: Department of Peace and Security Studies. Academic Press.

Bowen, T., & Mace, S. (2009). Why U.S. troops may fight alongside Al-Qaeda in Yemen. The
American Conservative.
Dowdeswell, C. (2017). Split in ISIS-Aligned Boko Haram Group. Al Jazeera Centre for Studies.
Edu, K and Price, L. (2015). Cybercrime: Issues & Probable Policies for Nigeria [DBI Presentation].
Ibrugger, B. (2009). Cybercrime in Africa. Business Intelligence Journal. Retrieved from http://www.
saycocorporativo.com

International Telecommunication Union. (2013). Cyber-security Threats of the 21st Century.

Retrieved from http://www.itu.int
Karuppannan, J. (2008). Space Transition Theory of Cyber Crimes. New York: Routledge.
Krippendorff, K., & Bock, M. A. (2008). The Content Analysis Reader. Pennsylvania. UK: SAGE Publishing.

Latham, V. A. (2004). The dance of qualitative research design. In K. Denzin., & A. Lincoln (Eds.).
Handbook of Qualitative Research (2nd ed., pp. 379-399). Thousand Oaks, CA: Sage.

Madondo. T. (2017). Exploring Cyber Security Threats in Zimbabwe. Harare. Parliament of

Zimbabwe Research Department.

Mazzini, S. (2018): Cyber Crime and National Security: The Role of the Penal and Procedural Law,
Research Fellow, Nigerian Institute of Advanced Legal Studies. Retrieved from http://nials-
nigeria.org Accessed 20 November 2018
Mckinnon, A. (2016). Cyber Crimes and Solutions. Retrieved from http://ezinearticles.com
Nicholas, U. (2014). ISIS in Africa: Implications from Syria and Iraq. Zurich: Centre for Security Studies.

Ochab, P. (2017). Good talk, not enough action: The AU’s counter-terrorism architecture, and why it matters.
Institute for Security Studies. Policy Brief, 66.

Okuku, A., Renaud, K., & Valeriano, B. (2015). Cyber Security Strategy’s Role in Raising Kenyan
Awareness of Mobile Security Threats. Information and Security: An International Journal, 32(1), 1–20.

Sutherland, E. (2018). Governance of Cybersecurity-The Case of South Africa. Johannesburg:

University of the Waterstrand.

The International Organization for Migration (IOM). (2016). ISIS Growing Presence in Libya
Threatens Europe and the U.S. American Center for Democracy.
The United Nations Office on Drugs and Crime. (2016). Terrorist group Isis makes inroads into southern Africa.
African Review, 6(2), 14–23.

Jeffrey Kurebwa is a Lecturer in the Department of Peace and Governance at Bindura University of
Science Education in Zimbabwe. He has previous publications in cyber threats, cyber warfare and cyber
terrorism. He holds a PHD in Public Administration.
Eunice Maumise is a holder of a Master of Science Degree in International Relations awarded at Bindura
University of Science Education

16