2023 general elections triggered cyberattacks on small businesses – Report
A report on Nigeria Cyber Threat Landscape 2022 by Cyber Security Experts Association of Nigeria (CSEAN) showed that the 2023 general elections triggered a deluge of misinformation, disinformation and cyber attacks on small businesses –which was more than double.
The report also revealed that Small and Medium Scale Enterprises (SMEs) had more cyber threats in 2022.
Mr John Odumesi, Director of Research and Development, CSEAN, presented the research findings at their two days conference tagged “Cyber Security: A Digital Transformative Tool in Achieving Sustainable Development Goals’’, on Tuesday in Abuja.
Odumesi said the research mirrored the trend of cyber-attacks in 2022 which would serve as a guiding tool on occurrences in 2023.
“Part of the findings and key threat trends we discovered is that data protection policies enforcement and disclosure practices are grossly lagging; there is a surge in corporate phishing attacks.
“There is a rise of ransomware in the industrial control system environment, compromise of business emails, and malware such as Backdoor skyrocketed.
“We also observed that the 2023 general elections triggered a deluge of misinformation, disinformation and attacks on small businesses –which was more than double.
“In the first three-quarter of 2022, 97 per cent of individuals lost about 1000 USD but we were not able to classify losses by organisations, but we classified the increase in the attack.
“For SMEs, there was an increase in phishing attacks of 84 per cent compared to the previous year of 37 per cent,’’ he said.
Odumesi urged the government to enforce regulations on data privacy and inform the public when institutions were under attack so as to take precautionary measures.
“To combat cyber attacks, we need to maintain a detailed cyber security policy; individuals and organisations should be email sceptic; organisations should develop an incident response plan.
“We also need to protect our systems, travel wisely on the internet, avoid password pitfalls and engage the services of Cyber security experts,’’ he said.
He said that the research survey engaged 552 participants, peer and non-peer reviewed sources, online media, cyber security reports, open-source intelligence among other sources.
Mr Yaniv Ovitz, Chief Cyber Technology Officer, CyberSoc Africa, said Nigeria is blessed with a huge pool of talents that could be engaged in combating cybercrime.
He said that the cyber security ecosystem had the capacity to create massive jobs for youths in the country to reduce the mass exodus of talents abroad known as the ‘Japa syndrome.’
“Today, we are losing a huge number of talents abroad and we need to develop the country; we don’t need to only export human capital but can export our technology as well.
“There are few unicorns in Nigeria, especially in the payment company, we expect to see cyber security unicorns to be well known in Africa,’’ he said.
Ovitz said there was a general progress in combating cybercrime in which the FinTech industry took the lead in 2019 with frameworks and regulations.
He said other sectors needed to key in and put their regulations in place and ensure its implementation, to foster development.
In his remarks, Mr Jimi Falaiye, Territory Manager, Sophos, West Africa, a cyber-security service provider, alluded that cyber security is a continuous exercise with no perfection.
Falaiye said that efforts and investments put in place by external threats (non-state actors) jeopardised efforts of internal actors in combating cybercrime.
“Cyber security ecosystem is a dynamic environment, so we have threat actors; these are the bad guys who are investing a lot in launching their attacks.
“Meanwhile, from the internal, it is usually reactive for most organisations, and it has formed an imbalance in the system.
“The good guys in organisations are trying to catch up with what the bad guys are doing, which should be on the contrary,’’ he said.
Falaiye recommended that government, private sectors, civil societies should invest in the right resources, acquire knowledge, skills, solutions to develop faster against external threat actors. (NAN)