Outdated tech, human errors expose Nigeria to 586,310 cyber threats in H1

In the first half of 2024, Nigeria witnessed 586,130 cyber threats against it, especially operators in the financial and telecoms industries. This was revealed in Lagos by cybersecurity technology company, Cybervergent, which warned of more attacks in the remaining parts of the year.

In its report, titled: ‘Breaking Down H1 Threats like a Weight Loss Journey,’ the firm said 586,130 cyber threats were detected, while 226,103 were resolved by automation within the period under review.

It added that 19,920 endpoints were protected while 13,305 false positives were identified by Cybervergent. It said 116,589 detection analytics were applied, while 304,522 events were analysed by the security operations centre (SOC) and 42,200 potentially malicious events were equally analysed.

Providing insights into the report, the Chief Solutions Officer (CSO), Cybervergent, Gbolabo Awelewa, at a media roundtable discussion, said the firm identified some areas where organisations are struggling. These, he said, include outdated equipment, limited resources, lack of knowledge and human error.

Awelewa explained that in terms of outdated equipment, legacy systems were holding many organisations back, making them easy targets for modern cyber threats. He said smaller organisations and even some larger ones were struggling to afford the right equipment (security tools) and trainers (skilled personnel) for a comprehensive workout

The Cybervergent CSO said with a lack of knowledge, many organisations were uninformed about the latest security standards like ISO 270001:2022, Central Bank of Nigeria frameworks and PCI DSS 4.0, leaving them vulnerable to data breaches.

According to him, in terms of human error, insufficient training led to avoidable errors, which subsequently opened the door for cyber attackers. He disclosed that certain industries including health, education, manufacturing and retail faced specific challenges and attacks.

The Cybervergent CSO stressed that cyber threats lurk like shadow boxers, waiting to land a knockout blow on firms’ data and operations. According to him, the most aggressive threat actors that targeted Nigeria in HI include Gelsium (a sophisticated cyber espionage group targeting high-profile organizations across various sectors). He said this group targeted public administration, educational services, national security and internal affairs. Its associated malware includes cobalt strikes among others.

According to him, there is also the Equation Group, whose target sectors are telecommunications, and mining among others. He described this as a highly sophisticated cyber attack group believed to be tied to the U.S. National Security Agency. He listed Lyceum, which is also known as Hexane, a cyber espionage group, primarily targeting energy and telecommunications sectors in the Middle East and Africa.

Other cyber threats focusing on Nigeria are Gamaredon, Circus Spider, Mirage, Common Raven, Bronze Highland and Earth Krahang. Awelewa said in the past six months, the cybersecurity arena has been bulking up with threats, saying “We’ve seen gains in cyberattacks, stressing that threat actors are not resting.”
He said Africa has witnessed a 37 per cent increase in cyber attacks, averaging about 2,960 per organisation weekly.

The report showed an increase in malware attacks in Africa with nomenclature such as SocGholish (disguised as browser updates); scattered spider (infiltrates through cloud identities); vidar info stealer (targets everything from crypto wallets to web browsers and even 2FA app on Windows and ride stealer (targets chromium-based browsers. Also referred to as the pickpocket of the digital world).

“To avoid this, back up your data regularly. Implement a robust backup and recovery plan to ensure you can restore your data quickly in the event of a ransomware attack. Additionally, train your employees to identify and avoid phishing attempts, a common tactic used to deploy ransomware,” he advised.

Insider threats also posed a significant risk to an organisation’s cybersecurity, Awelewa said, adding that these threats come from within–employees, contractors, or partners, who have legitimate access to systems but misuse them, either intentionally or accidentally. Awelewa therefore tasked organisations to implement robust access controls and monitoring systems.