The head of an international criminal network behind fraud totaling more than $60m was arrested in Nigeria in June 2016. The 40-year-old Nigerian male was found in Port Harcourt as the result of a global investigation led by Interpol.
Such crime “poses a significant and growing threat, with tens of thousands of companies victimised in recent years,” Noboru Nakatani, executive director of the Interpol Global Complex for Innovation, warned in a statement.
Now viewed as a more serious security threat than even terrorism, cyber attacks and data breaches are now considered the leading risk to businesses today.
Nigeria’s National Information Technology Development Agency (NITDA) estimates that the local population lost $450 million to digital fraud in 2015. Meanwhile, cyber fraud attempts in the country in the first half of 2016 are reported to have increased by 1,000 times.
Nigeria’s cybercrime act was finally voted into law in May 2015, which defined the legal consequences faced by individuals and corporations found to be in violation of the law. However, many are questioning whether the government and corporations are doing enough to keep cyber threats at bay, and ensure the security of the population.
The website of the Independent National Electoral Commission (INEC) was hacked on the day of the 2015 presidential election. Then, the Lagos state government suffered a major breach in December 2015.
Tope Aladenusi, Partner at Deloitte Nigeria, says that the cybercrime act “is a welcome development but many key stakeholders such as the judiciary and law enforcement agencies are yet to come up to speed in understanding and implementing the act.”
Boasting the largest growth in Internet usage in Africa – from 23.9 million in 2008 to 82.1 million in 2015 – arguably no country on the continent is at greater risk than Nigeria. Aladenusi cautioned that, “the advent of cyber as a weapon of warfare is rapidly gaining momentum and Nigeria is not immune to such threats. It is only a matter of time before it becomes full blown.”
Government policymakers and corporations worldwide by and large share these sentiments as threats increase in size and scope. On 8 October, the US formally accused Russia of hacking the Democratic Party’s computer networks. Then on 21 October, a major DDoS cyber attack in the US caused outages on a slew of websites including Twitter, Spotify, Amazon, Reddit, Yelp, Netflix and The New York Times.
Recent major hacks on high profile companies including Yahoo, Sony Pictures Entertainment, and Vera Bradley have wreaked considerable damage on the corporate world resulting in heightened fears globally.
Commenting on the Yahoo attack that affected 500 million accounts – allegedly one of biggest thefts of online users’ personal information ever – Michael Bittan, a risk manager at Deloitte, cautioned that it was “the biggest to be made public. There have possibly been others that were bigger”.
A recent study by PwC found that the number of global cyber security incidents across all industries rose by 38% in 2015 – the biggest increase in the 12 years since the study was first published.
Spending on cyber security worldwide will rise from $73.7 billion in 2016 to $101.6 billion by the start of the next decade, according to new research released in early October by the International Data Corporation. The US government alone currently spends about $10 billion a year on IT security, and is set to increase this substantially.
The non-existence of a Nigerian national policy on information security or even guidelines on monitoring and censoring internet content will make cyber security a difficult task for both the local government and corporations to tackle in years to come.