Skip to main content

Cybersecurity Strategy Advice for the Trump Administration: US-Cameroon Relations

March 24, 2017

Author:

Carl Taylor

Feature Series

Cybersecurity and the Trump Administration Series

Regional Recommendations for U.S. Cybersecurity Policy in the World

  • FSB_Headquarters
  • Mexico_US_Border_Car_Lines
  • India_Pakistan_Border_at_Night
  • Towers in Fog, Istanbul
  • DMZ_fence_with_ribbons
  • US-Japan_Bilateral_Training_Exercize
  • Singapore_Garden_by_the_Bay
  • Yellow_Havana_Windows
  • Brazil_Internet_Sign
  • Yaounde_Cameroon_view_of_city
  • EU_flag_over_brandenburg_gate
  • schwedagon_pagoda_spires_at_dusk
  • Google_sign_on_beijing_roof

Central Challenge

Cameroon is a longtime US ally and stabilizing regional force. It is particularly vulnerable to cybercrime, but a corrupt government makes any state-led cybersecurity effort risky.

Recommendations

  1. Create a policy centered on diversifying and protecting ICTs.
  2. Focus on education efforts, not government action.
  3. Focus on mobile industry expansion, not broadband connection.

In establishing a cybersecurity policy for Cameroon, the Trump Administration should avoid dealing with Cameroon’s famously corrupt government and instead should focus on private mobile business expansion and investment in educational institutions focusing on cybersecurity. As a long time US ally and stabilizing regional force[1] that connects landlocked Chad and Central African Republic (CAR) to the Atlantic both economically and in terms of Internet infrastructure, cybersecurity in Cameroon should be of utmost concern. 

Recommendation 1: Create a policy centered on diversifying and protecting ICTs.

Cameroon is beset with cybersecurity challenges. Among them is growing cybercrime and Boko Haram’s targeting of information and communication technology (ICT). Therefore, a U.S. cybersecurity strategy of protecting ICT development along with encouraging mobile diversification and investment will help protect the region from potential terrorist attacks on communications, which would protect U.S. interest, citizens, and allies while preventing an expansion of terrorist activities in the region.

Cybercrime

Cameroonian cybercrime has been simple, finically oriented, and usually carried about by ambitious students[2]. The most common cybercrimes are skimming — the practice of stealing ATM card information — scam business opportunities, sham animal sales[3], or “Sim Box” scamming — which is when people abroad can make calls at local rates. These crimes result in huge finical losses for people and business[4].

Cameroon is also home to typo squatting sites because the .cm Cameroonian country indicator is one letter off from .com[5].  Meanwhile, viruses are passed unintentionally amongst computer users due to the sharing of USB keys for music and printing. With the current rise in mobile specific malware[6] and an ever expanding population of educated youth and refugees[7] with little sources of livelihood, cybercrimes have the potential to grow.

Terrorist Attacks

ICT development and communication structures have been targets for terrorist in the region. Boko Haram attacks in neighboring Nigeria have hindered communication and ICT investments[8]. While Boko Haram’s influence in the northern regions of Cameroon has dwindled, bandits and displaced rebels from the CAR and Chad have taken their place in the security vacuum left by the Cameroonian defense forces’ focus on the Nigerian border. This lack of security forces could lead to new violent groups that practice much of the same communication cut-off tactics Boko Haram has used.

Cybercrime and communication attacks are weapons increasingly used by criminals and terrorists. Emerging violent and terrorist groups in the northern regions are likely to copy Boko Haram’s successful methods of attacking ICT and communication services. Cameroon’s importance in port and Internet access for landlocked countries, its long-standing alliance with the US, and role as stable force in the region, highlights the need for US backed stability for the country’s cybersecurity.

Recommendation 2: Focus on education, not the government.

To promote cybersecurity development, the US should focus on educational institutions, ICT literacy promotion, the Center for Cyber Security, Cyber Defense, and Digital Forensics’ (CSCDDF) work, and Cameroon’s sole cybersecurity export, Alie Joan Beri Wacka. This will allow the US to avoid complicated interactions with Cameroon’s notoriously corrupt government while still developing a lasting cybersecurity policy.

Cybersecurity and consumer protection policies are low priority to the Cameroonian government because of a clientele driven government[9]. There have been slight attempts at a few cybersecurity and consumer protection laws in 1998 and 2008[10][11], but their implementation is hindered by corrupt officials.

For example, in 2012, the Cameroonian government created the Telecommunications Regulatory Board (TRB) to mediate consumer and provider disputes. But due to TRB members’ close affiliation with the monopoly Camtel, limited action was taken[12]. In another attempt to take steps towards a more concrete cybersecurity policy, training was begun in the new CSCDDF[13] program at the University of Buea in 2015, led by Cameroon’s lone cybersecurity expert Alie Joan Beri Wacka and partnered with the American Bloomberg University. But a lack of confidence in law enforcement by politicians raised questions on the future power of CSCDDF officers[14].

The lack of trust in government is not only due to corruption, but also because of the government’s Internet censorship. In early 2017, the Cameroonian government cut off Internet access to the Anglophone regions of the country over protests about unfair treatment of Anglophones within the government[15]. Clearly, if the Cameroonian government cannot trust its own civil servants or trained officers, the US government should minimize any cooperation with the government.

Currently, all attempts by the US government and supranational organizations to work with the Cameroonian government to curb their corruption has not worked and at times has increased it. Due to the fast and changing nature of cybersecurity and its growing importance in the world the U.S. government should focus on loosely government connected organizations such as the CSCDDF to promote the local actors that will be the future change makers in the county.

Focus on ICT training for young Cameroonians is imperative[16]. Support for universities, such as the Bloomberg partnership with the University of Buea[17], and local NGOs such as the Association for Development, Communication and Environment (ADCOME) — which has implemented a Computer and Internet Access Centers (CIAC) project to promote ICT literacy with great success — are both sustainable models for the development of cybersecurity and Cameroon-U.S. relations and has the potential of winning over the young cyber criminals committing the majority of cybercrimes.

Recommendation 3: Focus on mobile industry expansion, not broadband connection.

With over 75% of Cameroonians accessing the Internet through mobile devices[18] any US cybersecurity policy in the country needs to focus on diversifying the mobile network and promoting ICTs to protect it from possible attacks. Previously Internet connectivity was reserved for the very rich due to the high cost of connecting through Camtel’s monopolized cable access[19]. In the past few years, the Cameroonian mobile industry has expanded to three main service providers, Orange, MTN and Nextel (Viettel)[20], which has increased mobile affordability and Internet connectivity[21] with 3G services in 2015[22]. According to Internet Live Stats, connectivity in Cameroon has been growing at around 2.5% annually[23]. With a large educated youth population and expanding mobile industry the economic outlook connected to the Internet, and its importance in cybersecurity is high.

Furthermore, due to the majority of Internet connectivity in Cameroon being through mobile devices focus on strengthening Cameroonian mobile industry through mobile network diversification should be central in the US’s future cybersecurity policy in the region. Such a method maintains the US practice of soft power in the region and protects both Cameroonians and US citizens from potential terrorist attacks on communications and ICTs. Such promotion can lead to US development of business interests in Cameroon and the region.

Endnotes

[1] Bureau of African Affairs. U.S. relations with Cameroon. in U.S. Department of State [database online]. 2016 [cited 10.01 2016].

[2] Abia, W. A., D. M. Jato, P. A. Abejo, E. A. Abia, G. E. Njuacha, D. A. Amana, L. K. Akebe, A. S. J. Takang, and D. O. Ekuri. 2010. Cameroonian youths, their attractions to scamming and strategies to divert attention. International NGO 5 (1993-8225): 110-116.

[3] Fairheart, John. 2008. Buying a pet online – seek the facts. ed. Vol. 2016Anatomy of a Pet Scam.

[4] Almost 3 billion in 2013 Cameroon Web. Cyber-criminality caused loss of 3bln to Cameroon in 2015. 2016 [cited 10/15 2016].

[5] Eichorn, Kim, and Weakley, GIna. McAfee’s third annual report names Africa’s Cameroon (.CM) the most dangerous country domain; japan (.JP) the safest. in McAfee [database online]. 2009 [cited 10/25 2016]. 

[6] Kigen, Paula Musuva, Carol Muchai, Kevin Kimani, Martin Mwangi, Barbara Shiyayo, Daniel Ndegwa, Brencil Kaimba, Faith Mueni, and Sylvia Shitanda. 2015. Kenya cyber security report 2015. Serianu.

[7] Over 300,000. European Commission Humanitarian Aid and Civil Protection. 2016. Cameroon: Echo factsheet. European Commission for Humanitarian Aid and Civil Protection.

[8] Ioannis Mantzikos. Boko Haram: The Anatomy of a Crisis. E-International Relations Edited Collections. e-International Relations, 2013.

[9] Freedom House. Cameroon. [cited 10/20 2016].

[10] Daho, Serge, and Siyam, Sylvie. 2014. The stammerings of Cameroon’s communications surveillance. Protege QV.

[11] Loi N 2010/012 Du 21 Decembre 2010 Relative Cybersecurite Et La Cybercriminalitie Au Cameroun, (2010).

[12] Owono, Julie, and Felix Blanc. 2014. Internet and broadband in Cameroon: Barriers to affordable access. Washington, D.C.: Alliance for Affordable Internet.  (11)

[13] Gabriel, Smart N. Cameroon: University of Buea research center to check cyber criminality launched. 2015 [cited 10/18 2016].

[14] Chimton, Ngala K. Cameroon’s dilemma in fighting cybercrime. 2016 [cited 10/23 2016].

[15] The Economist, “Lingua Fracas: Cameroon clams down on the internet, and Anglophones,” March 9th, 2017.

[16] Internet Communication Technology in Cameroon is on par with the rest of Africa. Further progress of ICT development would arise from secondary education support. While computer classes are mandatory in secondary schools it is rarely accompanied with any access to electricity, let alone computers. Based on my experience there, there has been no advancement since 2013. Nsolly, Ngaji Berty, and Ngo Mback Marie Charlotte. 2016. Integration of ICTs into curriculum of Cameroon primary and secondary schools: A review of current status, barriers and proposed strategies for effective integration. International Journal of Education and Development using Information and Communication Technology 12 (1): 89-106.

[17] Digital forensics. 2015 [cited 10/6 2016].

[18] World Bank. Cameroon. in World Bank [database online], 2015 [cited 10/15 2016].

[19] World Bank. Cameroon. in World Bank [database online], 2015 [cited 10/15 2016].

[20] Qiuyi, Tan. Vietnam’s viettel harbours global ambitions. in Channel NewsAsia [database online]. 2016 [cited 10/15 2016].

[21] For example, the village of Ngah-Ha, only two hours from a regional capital in the Adamawa region of Cameroon, just received cellular service in 2013 due to Nextel.

[22] Lancaster, Henry. Cameroon – telecoms, mobile and broadband – statistics and analyses. in budde.com [database online]. [cited 10/20 2016].

[23] Internet Live Stats. (2016). Cameroon internet users.

This publication was made possible in part by a grant from Carnegie Corporation of New York. The statements made and views expressed are solely the responsibility of the author.