By Sahr Ibrahim Komba
Sierra Leone is facing an unprecedented rise in cybersecurity threats, ranging from sophisticated malware attacks and phishing scams to the more personal and damaging phenomenon of cyberbullying on social media platforms. Experts warn that the combination of low public awareness, inadequate technical capacity, and limited resources is leaving the country’s digital infrastructure increasingly exposed to exploitation by cybercriminals.
In an era when banking transactions, communications, and government services are shifting rapidly online, the risks posed by cybercrime are no longer abstract; they have real, tangible impacts on the daily lives of citizens, businesses, and institutions. The growing dependence on digital systems has outpaced the nation’s capacity to adequately defend them, creating vulnerabilities that criminals are quick to exploit.
While the government has taken important steps by introducing national strategies and legislation to combat cybercrime, many stakeholders believe that far more must be done. They stressed that robust cooperation between the public and private sectors, coupled with stronger investment in digital literacy, is essential if Sierra Leone is to build a cybersecurity framework capable of protecting both citizens and critical national systems.
Social media platforms have evolved from being just spaces for social interaction into major channels for malicious activity. Incidents of cyberbullying, defamation, and blackmail are becoming alarmingly common. A survey by a social media change website revealed that over 43% of young people in Sierra Leone have experienced some form of online bullying. Particularly disturbing is the spike in cases where nude or compromising images are used to blackmail victims, leading to severe emotional distress, public humiliation, and, in some cases, the complete breakdown of personal and family relationships.
Beyond harassment, other forms of cyber threats are proliferating. Smashing phishing scams carried out through SMS messages is increasingly targeting mobile phone users, while deceptive phishing emails attempt to trick individuals into revealing personal information. The unauthorized access to personal and sensitive information often leads to financial fraud, identity theft, and long-term reputational damage for victims.
One of the most damaging cybercrime incidents in recent years occurred in 2023 with the emergence of an organized criminal syndicate known as Super-advertise. This group sets up offices in nearly every provincial headquarters, including Freetown, giving their operation the appearance of legitimacy. Through a mobile application, they promised extraordinary financial returns on small investments made via Orange Money.
Many of the victims, predominantly young people with limited knowledge of cybersecurity risks, were persuaded to invest at least Le200 with the promise of receiving equivalent or higher amounts in interest each week or month. Once trust was established, scammers encouraged these victims to recruit friends and family members, expanding the scam’s reach exponentially. When the operation eventually collapsed, hundreds of Sierra Leoneans were left with significant financial losses, and the perpetrators vanished without trace.
Later in 2023, another scam exploited the popularity of WhatsApp groups to spread fake investment opportunities. Criminals circulated links to unauthorized apps, encouraging small investments with the promise of large payouts. Once the money was transferred, the scammers disappeared, leaving victims not only out of pocket but also unknowingly complicit in spreading the fraud to their own networks.
These incidents served as a wake-up call, revealing not just the financial toll of cybercrime but also the urgent need for widespread public education on recognizing and avoiding online scams.
Recognizing the growing threat, Sierra Leone’s government enacted the Cybercrime Act and established the National Cybersecurity Coordination Center (NC3). The NC3’s mandate is comprehensive. It is tasked with regulating critical national information systems, conducting computer forensics, assisting law enforcement in cybercrime investigations, and fostering cooperation with international cybersecurity bodies.
These are essential steps in building a national defense against cyber threats. However, the effectiveness of these measures depends heavily on their implementation. Some critics argue that the Cybercrime Act has, at times, been applied selectively, targeting opposition figures and media organizations critical of the government. This has led to calls from policymakers and civil society for the law to be enforced impartially, focusing squarely on protecting the public from genuine digital threats.
The issue of data protection has also risen to the forefront of national security discussions. On February 22, 2024, the Rokel Commercial Bank (SL) Ltd Symposium, held at the FCC building in Freetown, shone a spotlight on the need to safeguard sensitive information ranging from Personally Identifiable Information (PII) to medical and financial records.
In today’s digital age, data protection is not just a technical requirement; it is a societal obligation. In Sierra Leone, this means implementing strict access controls to ensure that only authorized individuals can view or modify sensitive data, using encryption to secure information from prying eyes, and maintaining backup and recovery systems to ensure that data can be restored in the event of loss. Equally important are measures to ensure data integrity, proper data retention in compliance with regulations, and comprehensive data loss prevention strategies to guard against both accidental and malicious breaches.
For a developing country like Sierra Leone, the consequences of cybercrime can be particularly damaging. The combination of limited infrastructure, low levels of public cybersecurity awareness, and scarce financial and technical resources makes the nation a more attractive target for cybercriminals. Successful attacks have the potential to cripple public services, undermine public trust in institutions, and stall economic development.
Experts recommend a two-pronged strategy to address the challenge:
•Local Action: Invest in expanding digital infrastructure, integrate cybersecurity courses into higher education, and roll out continuous public awareness campaigns to help citizens identify and respond to threats.
•Legislative Integrity: Ensure that cybersecurity laws, particularly the Cybercrime Act, are applied fairly, transparently, and strictly for the purpose of public protection.
The expansion of digital payment systems, government e-services, and online business platforms means that Sierra Leone’s reliance on cyberspace will only continue to grow. Without a corresponding investment in security, the risks will escalate.
As Sierra Leone advances its digital transformation, safeguarding cyberspace is not merely an option, it is an urgent national priority. The country’s future economic growth, political stability, and public safety increasingly depend on its ability to defend against cyber threats. The time to act is now, before the vulnerabilities of today become the crises of tomorrow.
