Published on November 7th, 2021 📆 | 7188 Views ⚑0
Nigeria urged to invest in cybersecurity against spate of attacks
The value of the Internet cannot be overemphasised. In fact, its emergence made life easy and offered ample opportunities for many with just a push of buttons on laptops and phones. Many people with internet-enabled phones have wide-ranging things they do with them. Globally, people connect and engage in business. But technological advancement brings about diverse challenges including cyber attacks.
Cyber attack has been roundly defined as an attempt by hackers or cybercriminals to disable or damage a computer network or system. It can be done through phishing, ransomware, malware, man-in-the-middle or other ways.
An increase in cyber attacks has been reported globally. According to NEXUSGUARD, a cybersecurity company, in the first half of 2021, a distributed denial-of-service – a malicious and targeted attempt to disrupt traffic to a particular server, service or network, increased 233 per cent. It further reported that hackers used new attack patterns that can cripple communications service providers and internet service providers without being detected by signature-based methods.
Cybersecurity, as IBM defined it, “is the practice of protecting critical systems and sensitive information from digital attacks.” However, cyber attackers keep exploring new ways to sidestep defence measures and anti-cyberattack mechanisms.
Besides, cyber security experts have noted that constant cyberattacks would lead to a state of chaos, cause significant damage in the way businesses were done and erode the country’s reputation in the global space.
A Russian multinational cybersecurity and anti-virus provider, Kaspersky, reported that between January and June this year, of the 206,000 mobile malware detected and blocked by the company for the Middle East, Turkey and Africa, over 14,071 of them originated from Nigeria.
The rate at which cybercriminals adopt quick methods and technologies to perpetrate cyberattack is alarming.
According to the Centre for Strategic and International Studies, “close to $600bn is lost to cybercrime each year.”
According to a 2020 report by the Global Cybersecurity Index on the snapshot of cybersecurity measures taken by countries, Nigeria ranked 47th out of 182 countries, globally and fourth in Africa after Mauritius, Tanzania and Ghana in that order.
This significant increase in cyberattack is worrying and the Enterprise Sales Manager for Kaspersky, Africa, Bethwel Opil, stated that “Mobile malware remains a significant threat for corporate and personal users across Africa.”
African cybersecurity study by Demadiur Systems Limited noted that N270.22m was spent by banks, insurance companies and government institutions in Nigeria to prevent cyberattacks in 2018.
It noted in the report entitled, ‘Cybersecurity skills gap’ that parts of the funds were expended for the purchase of hardware and software such as Antivirus, load balancer, network access controls, among others.
In 2013, Nigerians lost about N159bn to cyber security threats, according to global payment giant, Paypal.com. Since 2014, the country is losing N90bn to cybercrime and in December 2015, it ranked 17th most attacked nation globally based on threat intelligence collated from Check Point Software Technologies
Using the pandemic as a bait to impersonate brands and mislead employees and customers, cybercriminals have been able to gain access to technological devices of unsuspecting individuals and corporate organisations. The Institute for Security Studies also affirmed that Nigeria witnessed an increase in Cyberattacks at the onset of the COVID-19 pandemic and lockdowns.
However, though the COVID-19 curve appeared flattened, cybercriminals continue to wreak havoc. Recently, the Nigerian Communications Commission alerted Nigerians to a malware, Flubot, targeted at stealing banking details from Android users by requesting “fake security updates and app installations.”
It was reported that in 2018, commercial banks in the country lost about N15bn to electronic fraud and cybercrime while over 17,600 bank customers lost N1.9bn to cyber fraud in the same year.
Meanwhile, the Nigeria Consumer Awareness and Financial Enlightenment Initiative projected a $6trn loss to cybercrime within and outside Nigeria by 2030. (Cyberattack or cybercrime?)
Commenting on how to curb cyberattacks in the country, a software engineer and tech content creator, Adora Nwodo, said cyberattacks affected individuals and organisations using the internet, stating that it could lead to personal security and financial threat.
Nwodo said, “Many times when I hear people talk about cybersecurity in Nigeria, they are usually talking about the banking sector. Cyberattacks can affect other organisations that do anything on the internet; from banks, hospitals to government agencies. This can lead to personal security threats (people’s private information getting leaked) and threats in finance. Cyberattacks can also paralyse systems and make data inaccessible. This is bad for everybody.”
She called for cybersecurity training for every individual and corporate organisation to enable them recognise security threats in their different forms and learn how to tackle attendant issues.
Nwodo added, “We also need to educate other Nigerian citizens through TV, radio or social media communications about not sharing passwords, using secured Wi-Fi, controlling who has access to their computers and more.”
She emphasised that cybersecurity should be taken seriously, adding “because it helps us protect all our data from theft and corruption. Our personal data, medical data, financial data (and more) getting into the wrong hands could be terrible for us as people. People have lost millions from scams, people have put unsolicited information online that has made them get security threats and more. Cyber attacks also aid identity theft and internet fraud and as people, we don’t want to fall victims to the scams.”
On his part, the Acting Director, Cybersecurity Department, National Information Technology Development Agency, Dr Ahmed Lawan, stated that victims of successful cyberattacks would suffer substantial financial, reputational and legal losses.
Lawan said, “The reputational damage that cyberattacks can inflict on a country is enormous. Trust is an essential component of any customer relationship, as it is in any business. Cyberattacks can devastate a company’s reputation and erode customers’ trust in a country or in businesses operating in one’s country.
“This, in turn, may result in a loss of customers, a decrease in sales, and a decrease in profits, all of which will eventually result in a decrease in revenue generated by the Federal Government. Furthermore, the reputational damage can have a significant impact on one’s suppliers as well as relationships with local and foreign investors. Lastly, organisations or businesses that are victims of a cyberattack will incur costs associated with repairing affected systems, networks, and devices.”
Commenting on ways to achieve cybersecurity, Lawan stated that security was a continuous effort and “having a solid incident response plan can help in case of attacks.”
He further called for an increase in raising awareness of cyberhygiene for every individual, regardless of their status, stating that this would help reduce the occurrences of cyberattacks.
Also, a technology policy analyst, data protection and cybersecurity lawyer, Moses Faya, said that the lack of trust, reputational damage and financial loss were the effects of cyberattacks in Nigeria.
Faya said, “Trust is the bedrock of everything so when there is a lack of trust, customers become wary of continual usage of the platform. This then leads to reputational damage which costs organisations more money to reassure customers of their brand as well as repair the damage caused by the attacks.”
He noted that every individual should be aware of the activities of cybercriminals and ways to mitigate the attacks.
He stated, “The cardinal aspect regardless of whatever is available and effective measures are awareness. No matter how secure one’s system is, humans are still the ones who give access to the attacks to happen. There should be an increase in awareness for individuals. Institutions are also encouraged to alert relevant authorities whenever they experience cyber attacks.
“People need to be aware that they should not click on links sent to their email or social media accounts from addresses or accounts they do not trust. The best way is to copy the link and paste them into the address bar of one’s browser to check if it is genuine. One’s email password(s) should contain small and capital letters and other characters. Do not use your birthday or that of your loved ones in your passwords rather use something that is not known to the public. Do not access your social media accounts or bank application over public Wi-Fi.”
Faya also urged governments to put in place technical infrastructure and institutions that would enable quick response to cyberattacks, adding that cybercriminals could rob individuals and organisations of their hard-earned money and private documents upon infiltration of gadgets.
He added that if Nigeria was able to improve its cybersecurity, it would redeem its image in the global space.
He added, “Data and one’s digital footprint is the new digital currency and people are hovering around the internet to find out how to get this information. But if we can put certain measures to protect such information from being used by the bad guys, then it would redeem Nigeria’s image and reduce organisational cost.”