As the digital age continues to evolve globally, the threat posed by cybercrime has become a major concern for both individuals and institutions in Nigeria and many other countries. In this report, MOYOSORE SALAMI writes that indeed, cybercrime is not a localised issue, as its impact is being felt across the globe.
 
Hackers are growing more sophisticated, leveraging technology to exploit vulnerabilities in various sectors, particularly telecommunications. Investigations by the Centre for Strategic and International Studies (CSIS) revealed that the cost of cybercrime would reach over $10 trillion annually by 2025, reflecting the exponential growth of online fraud. Hackers are engaging in diverse illegal activities ranging from ransomware attacks and phishing to identity theft and Subscriber Identity Module (SIM) swap fraud. These malicious acts have crippled organisations, resulted in significant financial losses, and eroded the trust that customers place in digital platforms.
 
The economic damage caused by cybercrimes is staggering. In Nigeria, the financial toll is particularly significant. Investigation revealed that Nigeria loses approximately $500 million to cybercrime annually. This figure includes losses from phishing, SIM swap fraud, identity theft, and other nefarious activities.
 
Recent arrests and investigations revealed how deep and widespread the problem has become. In Abuja, the Federal Capital Territory Police Command recently paraded six suspects who had been apprehended for their alleged involvement in registering SIM cards under false identities and selling them to criminals. These criminals, armed with SIM cards registered in the names of innocent citizens, carry out fraudulent activities shielded from detection.
The suspects, Ndubuisi Okeh, John Jock, Nafiu Tijani (a dispatcher), Nasiru Sulaiman, John Njoku, and Suleiman Musa, were caught red-handed by a team of detectives from the State Intelligence Department, led by Assistant Commissioner of Police Mohammed S. Baba. They had been selling the fraudulently registered SIM cards for prices ranging from N3,000 to N5,000, enabling their criminal clients to evade the authorities.
 
“We recovered a total of 1,100 registered SIM cards, three registration machines, two fingerprint machines, and a mobile phone from the suspects,” the FCT Commissioner of Police, Benneth Igwe revealed.
 
He detailed how the criminals exploited a loophole in the system that allowed four different phone numbers to be registered under a single National Identity Number (NIN). This loophole has been a boom for criminals who use street vendors to gather personal information from unsuspecting residents.
 
“These criminals employ street SIM card vendors to get the details of unsuspecting residents who buy SIM cards and register at the same time, the suspects have all confessed to the crime and will be charged to court after the investigation,” Igwe said.
 
While many people are aware of some forms of cybercrime, such as phishing emails and scam calls, only a few understand the full scope of the issue. Hackers infiltrate telecom systems, intercept data, and exploit vulnerabilities in app security and operating systems, making it difficult to trace and counter their attacks. As a result, many victims end up losing their life savings to these invisible criminals.

Adding to the complexity of Nigeria’s cybercrime problem is the recent economic situation. With high exchange rates, inflation, and low disposable income, the current economic hardship presents unique cybersecurity challenges.
 
According to stakeholders, if the economic situation continues to deteriorate, disgruntled employees may be incentivised to engage in malicious activities for financial gain. Insider-supported attacks may increase dramatically, leading to a rise in cyber-related financial crimes. The increase in internal and external collusion poses significant risks to both small and large enterprises, increasing the likelihood of data breaches, unauthorised access, and other malicious activities.
 
Moreover, the exchange rate debacle would likely increase the cost of products and licences, pushing organisations to explore alternative and cheaper solutions and services that may not necessarily address their risk exposure.
 
The Nexus Between SIM Fraud And Cybercrime
The sale of fraudulently registered SIM cards is a critical enabler of various forms of cybercrime in Nigeria. Hackers often use these SIMs to bypass security protocols designed to protect personal information and financial transactions. With access to a SIM card registered under someone else’s name, criminals can impersonate the SIM owner, gaining unauthorised access to sensitive accounts and data.
 
One notorious method employed by hackers involves SIM swaps, where they gain control of a victim’s phone number, thereby intercepting one-time passwords (OTPs) and other verification codes needed to access bank accounts, email addresses, and social media profiles. The implications are severe, not only for individuals who fall victim to these schemes but also for the broader financial system, which relies on trust and security.
 
According to data from the Nigerian Communications Commission (NCC), over 25 million Nigerians have been affected by some form of cybercrime, with losses estimated at over N250 billion yearly.
 
Battle For Cybersecurity: Are Measures Enough?
Despite the increasing threat posed by cybercrime, Nigeria’s response has been met with mixed results. The Cybercrimes (Prohibition and Prevention) Act 2024 was a landmark legislation aimed at addressing the rising tide of online fraud, hacking, and other cyber offences. The law provides a comprehensive legal framework for the prosecution of cybercriminals, yet its enforcement has been sporadic at best. Several high-profile arrests and convictions have been made under the Act, but these have done little to stem the tide of cybercrime.
  
To many stakeholders, the law alone is not enough; a more holistic approach is needed, one that includes public awareness campaigns, investment in cybersecurity infrastructure, and enhanced training for law enforcement agencies.
 
Moreover, the rapid advancement of technology, particularly with the rollout of 5G networks, has introduced new challenges. The increased bandwidth and connectivity that the 5G offers also create new opportunities for cyber exploitation.
 
Stakeholders warned that without significant upgrades to existing security measures, Nigeria could see a dramatic rise in cyber attacks, including faster and more efficient data breaches.
 
According to the Nigeria Cybersecurity Outlook 2024 by Deloitte, the rapid connection speeds of 5G will enable malicious actors to conduct cyber attacks more efficiently, with a likely surge in Denial of Service (DoS) attacks, and with faster networks, cybercriminals will be able to infiltrate data at a much quicker rate, reducing the time it takes to complete a data breach.
 
The report explained that organisations will need to bolster their defences against the evolving cyber threats that come with 5G technologies due to the expanded bandwidth and connection speed which will present more potential attack vectors, making it essential for companies to collaborate and develop comprehensive cybersecurity strategies.
 
Why Cybercrime Persists?
According to ResearchGate, the rise of cybercrime in Nigeria can be traced to several socio-economic factors, including unemployment, poverty, and the lure of quick wealth. For many young Nigerians, the promise of financial gain through illicit online activities often outweighs the risks associated with such ventures. They view cybercrime as a lucrative alternative to traditional employment and the availability of sophisticated hacking tools and the anonymity provided by the internet have only emboldened these cybercriminals.
 
Despite efforts by law enforcement agencies to clamp down on cybercriminals, the numbers continue to grow, with many youths viewing cybercrime as a viable alternative to traditional employment. Nigeria’s digital revolution has been a double-edged sword. On one side, the expansion of Internet access and mobile technology has driven innovation, entrepreneurship, and economic diversification. On the other, it has opened the door to a new breed of criminals who exploit these same technologies for illicit gain.
 
The Challenge Of Combating SIM Fraud
A telecoms executive, who asked for anonymity, noted that investing heavily in cybersecurity measures, when it is crucial, could significantly impact a company’s financial performance.
 
“The main challenge is finding insurance that can effectively cover cybersecurity risks, allocating substantial fund to enhance security measures often strains our budget. For instance, spending over N200 million to combat cyber threats might seem excessive, but it is needed for ongoing protection. This investment directly affects our productivity and profits,” the expert said.
 
The source also pointed to inadequate infrastructure and a lack of serious investment in cybersecurity as contributing factors. “Many companies do not prioritise cybersecurity, which is critical. Having a dedicated department to monitor and respond to cyber threats is essential but often overlooked.” A technology expert, Tayo Babalola, explained the challenges involved in curbing this menace.

“The telecom industry has made significant investments in technology to secure SIM registration processes, but criminals are always finding new ways to bypass these systems. Pre-registered SIM cards are particularly problematic because they undermine the integrity of the NIN-SIM linkage policy,” he said.  Babalola argued that while the mandatory SIM-NIN linkage is a step in the right direction, it is not a silver bullet.
 
“We need more collaboration between telecom operators, law enforcement agencies, and regulators like the NCC and NIMC to effectively tackle this issue. Public awareness is also crucial. Customers need to be educated on the dangers of SIM swaps and the importance of safeguarding their personal information,” he advised.
 
On his part, a cybersecurity expert, Christopher Oludare, told The Guardian that fraudsters were increasingly weaponising technology to steal identities, empty bank accounts and cause widespread disruption.
 
“Fraudsters are using everything from SIM swap scams to AI-powered voice spoofing to deceive unsuspecting victims. They are employing every trick in the book, but we don’t have to be victims. By strengthening customer verification processes, implementing multifactor authentication and leveraging AI-driven defenses, we can outsmart these digital criminals,” Oludare said.
 
While Nigeria has made notable strides in cybersecurity, Oludare emphasised that significant gaps still remain. He noted that although data protection laws are in place, enforcement is often weak, adding that the limited intelligence sharing between telecommunications operators and law enforcement agencies, coupled with underfunded infrastructure leaves network vulnerable to attacks.
 
“Nigeria has made progress, but critical gaps need to be addressed, data protection laws are crucial, but they must be enforced properly. Better collaboration between telecoms companies and law enforcement is essential and more investment in robust cybersecurity infrastructure is needed to close these cracks,” Oludare added.
 
Looking ahead, he pointed out that the future of telecom security lies in the adoption of cutting-edge technologies, highlighting tools such as blockchain, artificial intelligence, quantum cryptography, zero trust models and multi factor authentication as the key to building a resilient digital future.
 
“These technologies offer a powerful arsenal against cyber threats. By embracing them, Nigerian telecoms can future-proof their networks, protect customer data and stay ahead of the criminals who are constantly evolving,” he noted.
 
However, the NCC recognises the growing threat posed by SIM-related fraud and has ramped up efforts to curb the sale of pre-registered SIM cards. Partnering with the Office of the National Security Adviser (ONSA) and the National Identity Management Commission (NIMC), the NCC is moving to enforce stricter regulations and ensure that all SIMs are linked to valid NINs.
 
This collaboration has already yielded significant results. The NCC recently uncovered cases where individuals possessed over 100,000 SIM cards, all registered using dubious means. These discoveries have been instrumental in the crackdown on SIM fraud, but the fight is far from over.
  
“The complete linkage of all SIM cards to NINs is essential not only for safeguarding national security but also for enhancing the trust and reliability of Nigeria’s digital economy,” the NCC stated.