As African states continue to transform into cashless societies, more criminals morph into faceless predators lurking through the deep depths of cyberspace. Nigerians reportedly lost $450m to digital fraud. More recently, the South African financial institution Standard Bank reportedly lost 300 million rands to ATM “heists” in Japan.
The Central Bank of Nigeria’s implementation of the Bank Verification Number (BVN) exercise is one of a few innovative means by which the Nigerian regulator reportedly reduced electronic payment fraud by 63% and attempted online fraud by 45.98%.
An equally significant measure was proposed for Ministries, Departments, and Agencies to link all MDA databases together. By achieving data harmonisation of this magnitude, cyber forensic/assurance specialists may overcome the cybersecurity challenges in Nigeria. It may become easier to overcome big data and metadata may become indispensable tools in this regard.
Greater focus on the development of skills within the ethical hacker community of Nigeria may be a viable solution to the growing risks of hacktivists and hackers. Incentives for acting in pursuance of the boundaries of the law may also be needed to ensure that individuals with resource capabilities to become hackers or crackers in Nigeria abide by the laws laid down in the recently implemented Cybercrime Act 2015.
Cheap Malware, Many Scams
The relatively cheap costs of purchasing malware to deploy attacks on banks, however, may be an issue of great concern. Malware, bought for as little as 25,000 nairas, can be used to breach banks’ and bank customers’ data. The cost, however, is not the only factor that drives underlying risks in this realm. Social engineering should not be overlooked as a key factor for consideration.
In 2014, a scam mail was sent purporting to come from CBN with a target to harvest card and online transaction credentials from several banks customers on a single phishing site (a clone of CBN page).
Nigeria’s Cybercrime Act 2015 has been received with both criticism and reverence. This is due in part to the fact that judiciary and law enforcement find it difficult to implement the act considering the contrasting perceptions of the often seemingly abstract nature of the intricacies of cybercrime.
The Need For More Security
The internet penetration rate in Nigeria remains comparatively low at approximately over 46%. This may not paint a clear picture of the true extent of damage that could occur during a period of cyber security breaches. It is likely that further research and analysis of the interconnectedness between internet users in Nigeria will need to be carried out in order to grasp the realities of cyber security risks in the nation. Legislation must be improved significantly to develop a more robust framework that promotes efficient mitigation of cyber attacks.
The US spends over $10bn a year on cyber security issues. Even with such tremendous costs, the US finds itself with increasingly complex cyber security risks. Nigeria will do well to take a proactive approach to an issue which cannot be avoided in the short-term or the long-term. The more time it is not dealt with properly, the more complex the challenges will be for the nation in the future when they arise in different, more formidable forms.