Cyber criminals in Nigeria have shifted focus from targeting organisations to people on the Internet, the Nigerian Cyber Security Report 2016 has revealed.
This shift in mode of attack has prompted the need to make security of individual in the cyberspace a top priority, according to the report.
The Nigerian Cyber Security Report 2016 explored the evolving threat landscape and incessant cyber-attacks on SMEs and large organisations in Nigeria.
According to authors of the report, cyber criminals are now adopting new methods of attack, hence developing and implementing security awareness training programmes have now become very crucial.
“It is evident that attackers are now performing more targeted attacks against specific members in organisations. It is crucial that organisations develop and implement security awareness training programmes. This can be done in-house or outsourced to qualified service providers”, the report authors recommended.
According to authors of the report, cyber criminals are now adopting new methods of attack, hence developing and implementing security awareness training programmes have now become very crucial.
The report states that regardless of the mode of training, “an organization should ensure a needs assessment is conducted before adopting any form of employee training program. Generally, top issues that should be addressed by the program include: Social engineering averting, detection of phishing scams, e-mail hygiene, Internet usage best practices and password hygiene.”
Commenting on the report, Ikechukwu Nnamani, President Demadiur Systems Limited and a major contributor to the Nigeria Cyber Security Report 2016, says technology adoption is driving business innovation and growth in Nigeria. But at the same time, it is exposing the country to new and emerging threats.
Nnamani says that the increasing value of information saved in Nigeria’s ICT infrastructure coupled with the belief that risk of detection and capture of cybercriminals is lower than that of traditional criminals, is a group factor that led to the increase in cybercrime in the country.
“Cyber-terrorists, spies, hackers and fraudsters are increasingly motivated to target our ICT infrastructure due to the increasing value of information held within it and the perceived lower risk of detection and capture in conducting cybercrime as compared to more traditional crime,” he said.
Nnamani, who is also Board Member of Nigeria Internet Registration Association (NIRA), reckons that the increase in cybercrime in Nigeria can also be attributed to the rising poverty levels, greed on both the perpetrators and sometimes even the victims.
He identifies other factors fueling cybercrime in Nigeria to include easy access to gullible targets by the criminals and lack of adequate legal and regulatory policies to prevent and prosecute the perpetrators when identified.
“Our research findings show that most Nigerian organisations are still ill-equipped and unprepared to respond to information security threats,” he adds.
Nnamani also advises that with the level of seriousness needed in curbing cybercrime in Nigeria, cyber security opens a large door of business opportunities for Nigerian entrepreneurs and researchers who can help in the building of cyber threat management infrastructure.
“This level of vulnerability presents great business opportunities for Nigerian entrepreneurs, researchers and vendors. For us to stay ahead of the threat curve, we need to continually invest in research, build local cyber threat management infrastructure and enhance their ability to anticipate, detect, respond and contain information security threats,” Nnamani explains.
He believes that Nigeria needs to leverage its local presence and understanding of the environment to provide a clear indication of the security problems on the ground.
This local presence combined with partnerships with regional and global players will provide globally tested solutions and approaches to address identified security problems, Nnamani advises.