[jumbotron heading=”Industry Insight: Hakeem Belo-Oasgie, Chairman of Etisalat Nigeria”]In this keynote address delivered at the 1st National Cybersecurity Forum 2014 (NCSF 2014) organized by Office of National Security Adviser in Lagos, Hakeem Belo-Oasgie, Chairman of Etisalat Nigeria, explains the need for broad collaborations to develop strategy to address “not just today’s or yesterday’s threat” but future challenges of cyber security in Nigeria[/jumbotron]
Key Points
- Mobile Phone Users 2000-2014: 200,000 to over 127m
- Internet Mobile Phone Users 2014: 57m out of 127m
- Cyber Threats now increasing in impacts, affect sensitive government operations: Iran drone virus, Edward Snowden, Interpol/CIA website hacks etc
- Nigerian Computer Emergency Response Team launched April 2014
- Cyber threats varies from Financial Gains or Hackvitism
Telecommunication Development in Nigeria
Digital communications technology has become commonplace in the lives of the contemporary Nigerian. We conduct a wide variety of activities from simple calls and text messages to online banking and ecommerce.
The growth of telecommunications services in Nigeria has been nothing short of spectacular. In 1999, there were about 400,000 fixed lines and about 20,000 analogue wireless lines – that is less than 500,000 telephone lines. Today we have over 127million mobile phone users, and of these users over 57 million are active Internet users.
Cybercrime
Like the rest of the world, Nigeria has embraced the global digital village in cyberspace. With the amazing array of opportunities this provides comes concurrent exposure to associated threats many of which are unfamiliar to us. These threats are carried out by individuals referred to as cyber criminals and their actions are what we call cyber crime.
It is no question that ICT has played an important part in the economy; the recent GDP re-basing exercise in Nigeria highlights the increased contribution of the ICT sector from 0.7% in 1990 to almost 9.0% in 2014. It is important that we harness the potential of this burgeoning industry whilst curbing the counterproductive effects of cyber threats, which negatively impact the positive contributions from technology to society. The GDP contribution from the ICT sector could be higher if there was a more effective and robust framework for dealing with the scourge of the “419” cybercrime which had a significant negative impact on Nigeria’s image.
Key issues of Cyber-Security
To illustrate the potential magnitude of Cyber security, consider the recent arrest of two individuals in Russia responsible for IOS ransom attacks in Australia and the US. Another example is the US drone, which was cyber-jacked by Iran and forced to land in Iranian territory. The INTERPOL, FBI AND CIA have also been victims at one time or the other.
The media is rife with allegations and counter-allegations of sponsored cyber-attacks. Other recent incidents include the Snowden whistleblower, the Stuxnet attack on Iran and the filling of cyber espionage charges by the US government against Chinese government officials.
These examples represent a paradigm shift on the impact of cyber attacks, which at their worst could potentially shut down a country’s critical infrastructure.
How Do We Keep Nigeria Safe
We are in a cyber-arms race- those trying to protect their technology versus those trying to attack and breach the technology. With Nigeria’s growing ICT space will come a proportionate significant of cyber threats.
In 2010, there were 286 million virus samples counted
- 783,562 samples per day
- 32,648 samples per hour
- 544 samples per hour
- 9 samples per seconds
The threats and the roles are changing. The purpose of attack is changing- money and ‘hackvitism’ (a portmanteau of Hack and Activism-with a focus on Politics, Free Speech and Information Ethics) have begun to play key roles.
- Globally, in the coming years there will be;
- Exponential increases in access to computers and the Internet
- Electronic commerce-based crime will increase
- Low value/high volume transaction scams will increase
- Loss of control of identity, at the individual, corporate and potentially, government level will create difficulties for both law enforcement and revenue agencies and the corporate world
- ISP fraud/intrusion will be on the rise
- Identity theft will be massively increased from an estimated $8.75 billion losses during 2002
- 20% of enterprise will experience a serious Internet security incident. Clean-up costs will exceed the prevention costs by 50%
- 90% of cyber-attacks will exploit known and avoidable security flaws.
Next Steps-How we need to tackle this
Our journey to keeping Nigeria safe from cyber-crime takes adequate collaboration across all sectors of the Economy and Government.
The establishment of the Nigerian Computer Emergency Response Team (NgCERT) could not be more welcome. This team, like others across the world, should thrive for a strive for a safer, stronger Internet for all Nigerians by responding to major incidents, analyzing threats and exchanging critical cyber-security information with trusted partners.
In addition, we need to work collectively to ensure:
Total commitment is required from the CEOs, Board and Government Executives to develop and deliver a holistic cyber security strategy
Coherent coordination by a single entity across the different security and law enforcement agencies. Clear governance, definition of roles and responsibilities.
Knowledge and skills development to gather information , analyze the collected information and draw logical conclusions from the gathered information
A strategy based in addressing future challenges, not just today’s or yesterday’s threat
Conscious effort to understand, global best practices on which to build the change- it is not a “bolt-on” strategy but a “built-in” strategy
Openness and transparency on our progress, our successes and our failures
I will close by quoting FBI Director James Comey who testified last month before Congress saying: “Computer crimes cut across every responsibility the FBI has. The challenge we face with cybercrime is that it blows away normal concepts of time and space and venue, and requires us to shrink the world just the way the bad guys have.”