Cybercrime in Ghana

Ghana has one of the highest rates of cybercrime in the world, ranking 7th in a 2008 Internet Crime Survey. The most popular form of cybercrime in Ghana is cyberfraud and is typically achieved via credit card fraud. However, recent decreases in universal credit card usage has seen the expansion of other cybercrimes such as blackmail and hacking. This growth in crime has warranted a government response, with policies specifically addressing the cyberspace being developed. This has necessitated various studies including a cyber security maturity study which was inaugurated by the Ministry of Communications and conducted by the Global Cyber Security Capacity Center (GCSCC) of the University of Oxford in collaboration with the World Bank.

History
Cybercrime in Ghana can be traced back to the "419 schemes" in Nigeria, also known as "advance-fee scams" prior to the internet. These scams were a form of credit card fraud whereby the perpetrator would offer a monetary incentive, usually in the form of an international money transfer, in exchange for several down payments from the victim. This form of scamming became especially popular during the oil crisis of the 1980s, as Nigeria's oil dependent economy made a large portion of the workforce redundant. Within this demographic was a large quantity of Ghanaian workers, who had migrated due to employment opportunities in the oil sector. Subsequently, the scammers imported the trade upon their return to Ghana, however, it remained relatively inconsequential in terms of scale. The proliferation of cybercrime in Ghana really began in the early 21st century when the Information and Communications Technology (ICT) sector became liberalized via a 5-year accelerated development program, helping to expand and improve telecommunications infrastructure. This led to a five percentage point increase in internet users from 2000 to 2011, with home internet subscribers reaching 3 million nationwide. This growth in internet usage, along with technological devices made available via e-waste, led to a significant increase in cybercrime due to relative ease of access to the cyberweb. Initially, credit card fraud was by far the most common cybercrime. However, since 2004, other types of both cyberfraud and other cybercrimes have become more popular.

Identity fraud
This form of fraud involves the perpetrator assuming a fake online activity and will contact victims via social networking and dating websites. The most common form of this is "romance fraud", which involves fake profiles being generated in order to attract victims. Typically, older men and women are targeted and are manipulated into sending gifts and money either for romantic purposes or because of a promise of reciprical gain. These frauds have the ability to be relatively sophisticated through the use of doctored photos, diplomas and other identification documents.

Fake gold dealers
This form of fraud is similar to identity fraud insofar as both assume fake online personas to attract primarily Westerners. However, fake gold dealers target investors looking for short-term monetary gain by offering co-ownership of lucrative gold mines in the south of Ghana. Typically, the scammers will show real gold bars as well as offer tours of mining facilities in order to gain the trust of the investors, however, upon the receipt of downpayments from the victims, will close their business.

Estate fraud
Unlike both identity fraud and fake gold dealers, estate fraud targets Ghanaians rather than Westerners. Quite often, Ghanaians will migrate abroad for employment opportunities, typically due to higher wages abroad, and come back to Ghana for retirement. These fraudsters set up fake websites offering luxury housing for those returning, and will offer to construct housing for them. The scammers sell blueprints, land and materials in progression to the victims, with the ultimate goal of maximizing wealth extraction.

Blackmail
Ghana is home to the largest collection of e-waste dumpsites in the world. These sites consist of old electronic items including computers, laptops and mobile phones. Culprits will rummage through these items in search of sensitive hardrives, that may contain information to blackmail victims. An example of this was an attempt by Ghanaian cybercriminals to blackmail U.S. Congressmen Robert Wexler upon finding his old hardrive in an e-waste dumpsite.

Hacking
The greater availability of technology and internet services has allowed for the sophistication of hacking techniques in Ghana. Like elsewhere in the world, the hackers operate for-profit, mostly via the creation of fake websites aimed at tricking victims into inputting credit card information. Alternatively, Ghana has also seen the creation of pro-justice hacking groups or "ethical hackers", who have mostly targeted government websites with the goal of exposing corruption.

Most cybercrime in Ghana is cyberfraud, through which perpetrators partake in fraudulent activities via the internet with the goal of financial gain. However, this may take many forms, with different tactics used depending on the culprit and the victim. Additionally, hacking and blackmail type scams have become more and more popular in recent years.

Sakawa
As cybercrime has increased in Ghana, it has seen the development of "sakawa", or the combination of internet based crime and West African traditionalist religion. Those who practice sakawa seek blessings from priests in order to improve cyber-scamming yields. In exchange, the perpetrators must perform specific rituals or activities in order to appease the spirits to which they pray. The popularity of this mixture between theology and cybercrime has led to the creation of the "sakawa boys" subset, which often flaunt jewelry and clothing as part of their aesthetic. Furthermore, sakawa boys also produce media such as film and music, which led to their mainstream breakthrough in 2007. Typically, sakawa boys tend to be male, under the age of 30, live near urban centres in slums, and are unemployed or underemployed, making the lifestyle available to them via cybercriminality appealing.

E-waste
E-waste, or electronic waste, has presented significant security and health concerns in Ghana, as the country currently boasts the largest e-waste dumpsites in the world. The growth in e-waste is due to two main factors; the booming ICT industry within Ghana, and the lack of cheap domestic e-waste disposal sites within more economically developed countries. This has been facilitated by the necessity for cheap electronics in Ghana, as many are not able to afford new technology. The issue has only grown in severity as infrastructure in Ghana has not been able to coop with increased waste. Consequently, e-waste sites have had both significant security and health impacts, on both a domestic and international level. E-waste has, to some extent, allowed for the proliferation of cybercrime within Ghana, due to sensitive information not being properly wiped from hard-drives. For instance, in 2008, UK environmental agencies found computers belonging to the National Health Services and local councils, in the Agbogbloshie dumpsite in Accra. Although no crime was committed using the information on the technology, it raised significant security concerns internationally.

Statistics
Between 2016 and 2018, the country lost over US$200 million to recorded cyber crime cases. According to the Ghana Police Service, more than half of these reported cases were linked to fraud.

Police also recorded an increase in cyber crimes in the country from 116 in 2016 to 412 in 2017 and further to 558 in 2018.

Legislation
The Ghanaian government saw cybercrime as an increasingly real threat by the mid-2000s. Up until the first major piece of legislation in response to the issue, the 2008 Electronic Transactions Act (Act 772), most convicted of internet fraud, a form of cybercrime, were charged in the criminal Code Act 20/60 Section 131. Critics argued that the lack of severity of punishment under this code, as well as a lack of relevance to the facts of some cases, meant that it served as a weak deterrent for cybercrime. Since Act 772 however, the Ghanaian parliament has continued to pass legislation specific to cybercrime, including the National Information Technology Agency Act, 2008 (Act 771) and the Data Protection Act, 2012 (Act 843). Despite this, some limitations with current legislation do exist, such as a lack of adaptibility to new forms of cybercrime and difficulty in collecting evidence to persecute under the new Acts.

National Cyber Security Awareness Month
One of the major interventions by government was the launch of a cyber security awareness month to improve knowledge of the Ghanaian populace on cyber security. The National Cyber Security awareness month was launched in October 2018 on the sidelines of the launch of the National Cyber Security Awareness Program. The following are the themes for previous years:


 * 2018: A safer digital Ghana
 * 2019: Demonstrating Ghana's Cyber Security Readiness

Cyber security policy and strategy
Ghana has adopted a cyber security policy and strategy to increase security of its citizens and the state from cyber attacks. The document is divided into three sections highlighting the common cyber challenges in the country, the existing local and global initiatives to prevent cyber fraud and ways in which laws on cyber crime can be enforced. It also defines the role relevant government agencies can play in ensuring a secure cyber space.

The policy also reviews what is classified as Critical National Information Infrastructure (CNII) – "assets, systems and functions" whose destruction or ineffectiveness could affect the country's national economic strength, national image, national defense and security, public health and safety and government's ability to function effectively.