ARE NIGERIAN BUSINESSES GIVING ENOUGH ATTENTION TO CYBER SECURITY?
There has been an enormous increase in global digitisation over the past decade and Nigeria is no exception. The use of mobile phones and the Internet to conduct business through e-payment, e-banking, e-registration and even e-learning is now a routine occurrence among large percentage of the Nigerian population. However, the sudden digitisation has left the country unprepared for one of the hard realities of going digital – cybercrimes.
The term “cybercrimes” refers to any crimes committed in cyberspace. Cyberspace is a limitless world of information, usually meaning the internet. Cyber Security is the method of protecting cyberspace, while Cyber crime refers to organized crimes targeting cyberspace and cyber security. Because of financial threats posed by cyber crimes, developed economies are beginning to take a much stricter approach towards cyber criminals
Cyber crimes are dangerous because our constant interconnectivity means that these crimes know no borders. Cyber crimes in Nigeria cost the country about 127 billion naira annually and by 2019 it is estimated that the world would have lost about 2.1 trillion dollars to cyber attacks. These attacks can target individuals and businesses alike. The question now is, given these figures, are Nigerian businesses giving cyber security enough attention? To answer this, let’s look at what the reality is.
In May 2015, the former President of Nigeria (Goodluck Ebele Jonathan) signed a Cyber Crime bill, which is a right step towards curbing the menace of cyber crime in Nigeria. In an attempt to further increase or set structures for cyber security in Nigeria, the Nigerian Electronic Fraud Forum (NEFF), National Computer Emergency Response Team (NCERT) and the National Information Technology Development Agency (NITDA) were created.
In 2017 alone, many businesses experienced cyber attacks. Some of these were reported, but a large number of other businesses will not even be aware that they have been compromised. These hacks led to a huge loss of money, information and damage to the image of a business.
Two types of attacks were most common, the ransomware and the CEO email spam. Ransomware (a malware) infects a system when a user clicks on a seemingly legitimate link and unknowingly downloads a malicious file. The moment the download completes, the virus encrypts the user’s server, drives, and files, making them inaccessible to the user until a ransom (usually in cryptocurrency) is paid. The CEO Email Scam, on the other hand, uses spoofing email or social engineering to assume the identity of a company’s CEO, then sends an email to an employee(s), authorizing an irregular transaction, which many employees fall for.
Given the number of businesses that experienced these attacks, it is quite obvious that very few businesses in Nigeria have procedures in place to combat cybercrime. There is a substantial lack of awareness about cybercrime among SMEs in Nigeria. Cybercrime is one agenda that must begin to top the list for businesses in Nigeria. Measures like data protection in Nigeria through data encryption, use of wired Internet connection, regular update of the operating system and regular back up of organizational data would be some of the measures businesses can take to protect themselves.
With the increasing occurrence of data breaches and cyber-attacks, business owners need to know the importance of protecting their data and information by making use of security consulting services such as Chert Security. Chert Security is a security firm specializing in vulnerability assessment, penetration testing, cyber security training, consulting services and security configuration of enterprise systems.