‘Insider involvements account for 80% of electronic fraud’
Oluseyi Akindeinde, chief technical officer, Digital Encode, has attributed internal collaboration 80 percent of electronic frauds recorded in the country.He said that the incidences are more evident in the financial institutions whereas the firms put in place information technology infrastructure to prevent external intrusion; insiders are busy abusing trust reposed in them.
Akindeinde, whose company is actively involved in deploying of cybersecurity solutions for organisations noted that challenges encountered in the fight against cybercrimes include; under reporting of electronic fraud; lack of cooperation from affected parties or institutions; false claims; and deliberate sabotage of the fraud investigation process.
He explained that outside trained manpower, most organisations in the country cannot afford preventive measure against hackers. “For instance, Coreimpact software, which is a tool use by organisations and governments to conduct security checks on their networks cost between $75,000 and $100,000 and the training costing almost the amount is out of reach to many organisations. The applications are still a little expensive especially as this software are foreign owned coupled with the downturn in foreign exchange. However, companies are finding a way of it by scoping their environment well,” he added.
He urged government to set up cyber security operating centre that will give real time protection of networks of national critical infrastructure. According to him, the centre will serve as surveillance system for that will monitor activities on the networks of tier 2 internet service providers that bring internet in the country both undersea cable infrastructure and satellite networks as well as the country’s top level domain name the .ng network.
He added that organisations such as banks and telecom operators among others also need to establish their cybersecurity operating centre that will monitor their networks against hackers as well as electronic fraud.
Corroborating Akindeinde, Mike Odusami, chief executive officer, MAXUT Consulting and a member of Nigerian e-Fraud Forum (NeFF) said that third-party vendor risks are real as evidenced by the spate of security breaches that occurred in 2014 and 2015 at reputable global organisations.
“Banks risk exposure from cyber-attacks hinges not only on their own internal security and compliance efforts, but also on the strength of third parties that you share confidential customer data with, and those that are connected to your information systems. For starters some of the most damaging cyber-attacks reported in the last two years were perpetrated by exploiting weaknesses in third party information systems prior to gaining a foothold on the sought-after target.”
Osita Nwanu, Head, Systems Control & Business Continuity Management First City Monument Bank Limited, said that e-fraud will continue to grow, and combating it requires effective fraud strategies, collaboration and cooperation of many organisations in Nigeria including government agencies and other countries.“If otherwise, cybercriminals would be getting richer from the hard work of others due to lack of united front on the part of everyone.
As financial institutions adopt emerging payment systems and other technological innovations as a means of increasing revenue and reducing costs; cyber thieves on the other hand, are exploiting gaps inherent in these innovations to perpetrate fraud bearing in mind, the fact that security is usually not the primary focus in most of these innovations.”
No comments yet