Why cyber security should be priority, by CSEAN
As cybercrime continues to take newer forms and adapt against even advanced cyber defence systems, cyber criminals are also adapting further into societal trends.
The question of Nigeria’s strength or vulnerability remains a constant bug in the face of its growing technology-driven economy, where developed countries are continuously kept on their toes.
Even recently, the United States’ (US) Federal Bureau of Investigation (FBI) disclosed that a mysterious hacking group had had access to US government files for years.
According to Remi Afon, president of the Cyber Security Experts Association of Nigeria (CSEAN), cybercrime continues to grow, as cyber criminals are becoming ferocious in their attacks. He also said Nigeria is responsible for at least $9.3 billion out of the total global loss to the rising cybercrime.
Afon said 89 per cent of breaches have a financial or espionage motive, noting that cybercrime prosecutions are picking up in the country.He explained that the menace comes in different forms, “including 419, phishing, social engineering, malware, cyber bullying and identity theft, with cyber bullying becoming a massive threat in Nigeria.
“People are becoming very aggressive on social media. Unprovoked abuse has become the order of the day. The advice we give people is to report such abuse immediately for takedown,” he said.Afon advised that the immediate action against cyber bullying is to not respond.
However, evidence of the cyber bullying and possible threat of attack should be kept or preserved through mobile applications like screenshots, on mobile devices. Evidence of e-mails, text messages can also be kept and reported to the nearest Police Station.
Finally, the cyber bully is advised to be blocked.“Today, nations are not exempted from attacks. We have seen accusations and counter-accusation of breaches by different nations.
“The question you ask is: “Is Nigeria exempted from this attack or is it that we do not have the capacity to detect attack? I believe the latter is the case,” Afon said.
CSEAN launched its StopThinkConnect campaign earlier this year in Abuja with the aim of educating Internet users on vigilance and practice of safe online habits and to positively transform public and private sector collaboration towards cyber security.
The campaign has since expanded its reach to tertiary institutions in the country.At an event marking the National Cyber Security Awareness Month (NCSAM) of October, organised by the American Embassy in Lagos last week, its Consul-General in Nigeria, Mr. F. John Bray, was quoted as saying that as part of a US cyber security policy review, “the Department of Homeland Security created an ongoing Cyber-security awareness campaign, themed, ‘StopThinkConnect.”
Responding to a question on the origin of the StopThinkConnect campaign in Nigeria, Afon said it is indeed an initiative of American government with simple actionable steps of staying safe online.
Afon explained that CSEAN adopted the campaign in its awareness drive to further enlighten the Nigerian society on the increasing threat in the cyberspace.The campaign has, however, taken flight from it launch last year to at least five Nigerian universities, with more to follow.
They are University of Lagos; University of Abuja; Federal University of Technology, Minna; IBB University; University of Ilorin; and University of Ibadan.
Afon admitted support from the US government, however disclosed that the association does not receive any funds from it, but gets materials for the campaign, which are freely available on the StopThinkConnect website.
He urged the Nigerian government to engage experts to review its cyber security policy direction, lamenting the increasing cases of plate numbers cloning, driver’s license cloning, etc.
Afon stressed that Phishing poses great danger to banking operations and security of financial transactions in Nigeria, adding that the amount of phishing originating from Nigeria is massive.
He noted that the menace of phishing is on a vast scale and through several user-linked channels to mostly unsuspecting victims, while many keep falling victim to methods that continue to evolve against firewalls and solutions.
“Phishing is now the online version of 419 and cybercriminals are benefiting from the ignorance of unsuspecting masses.“Bank customers are the main targets. Criminals send emails claiming to be from banks in order to steal people’s banking details.
“The advice we give people is never to click on any link in emails and also delete suspicious emails immediately. “It may interest you to know that Nigeria cybercriminals are now using malware to achieve their malicious objective.”
When asked how Nigerians can catch up with the trends and develop detective capabilities against threats and what role government can play in this, Afon said awareness is the key to detecting phishing e-mails.
“We need to intensify our cyber security awareness campaign. The government’s cyber security strategy has provision for cyber security awareness; it is about time it is implemented.
“How vulnerable is the country? We are very vulnerable, because we don’t have necessary security control in place to protect our critical infrastructures.
“We have seen cases of government agencies getting hacked by ordinary script kiddies. You don’t need to be an expert to hack any government ministry or agency, because of their lackadaisical attitude towards cyber security,” he said.
He warned that several infrastructures are now being targeted by cyber criminals because of its online presence and Nigeria needs, as a starter, to identify all critical infrastructures and put necessary measures in place to protect them against cyber attacks.