By Adedapo Adesanya
Cyber threats in Nigeria in 2021 depreciated by 7.5 per cent, according to the latest research by Kaspersky.
This dramatic change in the threat landscape is coming at a time regular and self-propagating malware is decreasing dramatically, as it is no longer effective and cannot fly under security radars.
Security researchers at Kaspersky noticed that Kenya recorded the highest decline with an unprecedented 28.6 per cent, while South Africa saw a 12 per cent decrease.
The reason for such a change was the introduction and popularisation of new cybercrime models in the region, with cybercrime tools becoming more targeted along with a long-running trend where malware creators rely not on the technical advantage of their technologies over security protection, but on the human factor.
The cybersecurity firm noted that this has stimulated the evolution of phishing schemes in 2021. In particular, the region saw a wave of ‘Anomalous’ spyware attacks.
The usual phishing spyware attack begins when attackers infect a victim by sending them an e-mail with a malicious attachment or a link to a compromised website and ends when the spyware is downloaded and activated on the victim’s device.
Having gathered all necessary data, the operator usually ends the operation by attempting to leave the infected system unnoticed. In anomalous attacks, however, the victim’s device becomes not only a source of data but also a tool for spyware distribution.
Having access to the victim’s email server, the malware operators use it to send phishing emails from a legitimate company’s email address. In this case, anomalous spyware attacks an organisation’s server for collecting stolen data from another organisation and sending further phishing emails.
Speaking on this, Maria Garnaeva, Senior Security Researcher at Kaspersky ICS CERT team, “The Anomalous spyware attacks have a huge potential for growth in South Africa, Kenya and Nigeria in 2022, because unlike regular spyware the entry-level for attackers who wish to employ this tactic is significantly lower – since instead of paying for their own infrastructure, they abuse and employ the victims’ resources.
“We see that cheaper attack methods have always been on the rise in the region and cybercriminals quickly pick up on new tactics. Kaspersky, therefore, suggests that in the nearest future, these countries should be prepared for such attacks.”
She explained that the mass scale attacks are not disappearing, but rather transforming with the scheme usually following a style where a user searches for a free version of an extremely popular legitimate spyware and the cybercriminals offer them a fake installer using ‘black SEO technic’ – the abuse of the legitimate search engines, resulting in the offering of the fraudulent websites first.
As a result of software installer execution, a few dozen malware samples are downloaded and installed with the goal of turning the infected devices into a part of the Glupteba botnet.
The whole fake installers campaign and botnet have been extremely active in South Africa in 2021 and continue to evolve, yet it is scarcely researched.
“While the Glupteba botnet seems to be a threat for consumers, we are still researching it and keeping an eye on its behaviour, since some distributed malware resembles APT-related samples like Lazarus APT groups and were recently used in the largest DDoS attack in Russia. It is too early to say it with a high level of confidence, but these factors may suggest that we are now entering the era where APT actors start to use existing malware distribution platforms which makes attribution of such attacks harder and opens a new vector similar to supply chain attacks,” added Ms Garnaeva.
Recommendations from Kaspersky
In order to stay protected from such new cybercrime models and threats, Kaspersky recommends the following:
– Pay close attention to and don’t open any suspicious files or attachments received from unknown sources.
– Do not download and install applications from untrusted sources.
– Do not click on any links received from unknown sources and suspicious online advertisements.
– Create strong passwords and don’t forget to change them regularly.
– Always install updates. Some of them may contain critical security issues fixes.
– Ignore messages asking to disable security systems for office software or antivirus software.
– Use a robust security solution appropriate to your system type and devices, such as Kaspersky Internet Security.
Nigeria’s Battle Against Cybercrime: Are You Safe?
Cybercrime is nothing new in Nigeria. Part of youth culture for decades, criminal enterprises have spread across the country.
In 2020, Nigeria ranked 16th highest in the world for international cybercrimes, by the FBI. However, Nigeria ranked 47th on the Global Cybersecurity Index, showing a vast disparity between the volume of cybercrime, and the effectiveness of Nigeria’s cybersecurity.
To understand this divide, it’s important to understand where cybercrime originated in the country.
A brief history of cybercrime in Nigeria
The roots of cybercrime culture in Nigeria date as far back as the 1980s. In those early days, Nigerian youth mainly perpetrated cybercrime through email scams.
Known colloquially as the “yahoo yahoo” business, “yahoo boys” use social engineering tactics to con their victims into sending them money. The fraudsters often use emotional pressure points or promises of high returns.
The Nigerian government took a blow in 2020 when hacker collective Anonymous declared cyberwar against them. They hacked the database of the Central Bank of Nigeria and police websites on behalf of the #ENDSARS movement.
Biggest threats to Nigeria’s cybersecurity
The landscape of global cyber threats shifts regularly. However, recent years have shown a rise in the popularity of certain types of cybercrime in Nigeria.
Social engineering tactics
Arguably the oldest cybercrime in Nigeria, social engineering continues to be a favourite of Nigerian cybercriminals. These tactics often include heartfelt backstories, pleas for help, and the promise of love, or return on investment — all via email.
These tactics play on victims’ emotions and vulnerabilities. Those who’ve been successful with these scams live frivolous lifestyles. “Yahoo boys” with fancy cars and clothes have also become role models for young people desiring the same lifestyle.
Chances are you’ve ended up on a site like this before. Sometimes they pose as legitimate sites but are almost always just an attempt to collect data, or install viruses. Phishing sites are hugely popular in Nigeria as it goes hand in hand with email scams.
You only need to click on a dangerous link before a fraudster can view your data. This is where using a VPN for PC is essential. Virtual Private Networks (VPN) hide your browsing and location data from malicious phishing websites.
A significant area of concern for Nigerian businesses is insider collaboration. This occurs between criminals and employees. Fraudsters have often sent out open requests for anyone willing to cause damage to their employer for payment.
This is quite hard to track too, as hackers use valid credentials to access secure networks. Keeping logs of activities within the network can help to find leaks. This can also help to spot malicious activity in the future.
Cybersecurity vulnerabilities of third parties
One of the biggest concerns for Nigerian businesses is the security of third parties. Even if your business is a fortress, a poorly protected third-party can bring the castle tumbling down.
This is especially troubling to Nigerian businesses operating globally. More third parties mean more vulnerabilities. Only work with trusted clients and expand the scope of your cybersecurity to those you work with.
A hot-button issue in Nigeria at the moment, deepfake fraud is more common than ever. Deepfake technology is the life-like reanimation of an individual’s face, meaning you can make anyone say anything.
Unfortunately, deep-fake is only getting better. In 2018, Nigerian President Muhammadu Buhari was featured in a deepfake video. The video became so viral that the President was prompted to make a statement dismissing the video as a fake.
How Nigeria is fighting back
Policing against cybercrime in Nigeria has been inadequate for decades. Only recently has the government declared significant steps in its plan to fight the rising issue of cybercrime.
Nigeria introduces the National Cybersecurity Policy and Strategy (NCPS)
In 2021, Nigeria implemented the NCPS, which indicated cybercrime as a leading threat to Nigeria and its economy. The NCPS represents an attempt to safeguard Nigeria’s digital economy, by strengthening the country’s legal and regulatory framework.
Also ongoing is the development of the National Cybersecurity Coordination Centre (NCCC). The NCCC would ensure clear communication and a well-developed response to cybercrime across Nigeria.
Efforts like these are projected to boost cyber protections and cybersecurity awareness. While work is still ongoing, the future of cybersecurity in Nigeria looks bright.
Although it has been a mainstay for years, cybercrime is now starting to be taken seriously in Nigeria.
Being uncontrolled for so long, cybercrime has been able to grow steadily.
By embracing modern cybersecurity practices, Nigeria might finally rid itself of its unwanted cybercriminal image.
5G Subscriptions to Reach 4.4 billion in 2027—Ericsson
By Aduragbemi Omiyale
The latest edition of the Ericsson Mobility Report has predicted that 5G subscriptions will hit one billion this year and 4.4 billion in 2025, with North America expected to lead in the next five years with 9 of every 10 subscriptions in the region to be 5G by 2027.
The report, which is the 22nd of Ericsson’s network traffic insights and forecasts, also revealed that global mobile network data traffic doubled in the past two years, driven by increased smartphone and mobile broadband usage, as well as the digitalization of society and industries.
The recent statistics and forecasts highlight the strong demand for data connectivity and digital services have and are expected to have, despite the global COVID-19 pandemic and geopolitical uncertainties. Several hundred million people are becoming new mobile broadband subscribers every year.
As for the 5G subscriptions, it was stated that by 2027, the fifth-generation network will account for 82 per cent of subscriptions in Western Europe; 80 per cent in the Gulf Cooperation Council region; and 74 per cent in North-East Asia.
In India, where 5G deployments have yet to begin, 5G is expected to account for nearly 40 per cent of all subscriptions by 2027. In global terms, 5G is forecast to account for almost half of all subscriptions by 2027, topping 4.4 billion subscriptions.
According to the survey, 5G is scaling faster than all previous mobile technology generations as about a quarter of the world’s population currently has access to 5G coverage.
Some 70 million 5G subscriptions were added during the first quarter of 2022 alone and by 2027, about three-quarters of the world’s population will be able to access 5G.
“The latest Ericsson Mobility Report confirms 5G as the fastest growing mobile technology generation ever, and Ericsson is playing a key role in making it happen.
“We work every day with our customers and ecosystem partners around the world to ensure that millions more people, enterprises, industries, and societies enjoy the benefits of 5G connectivity as soon as possible,” the Executive Vice President and Head of Networks at Ericsson, Fredrik Jejdling, said.
As for the Executive Editor of Ericsson Mobility Report, Peter Jonsson, “The deployment of 5G standalone (SA) networks is increasing in many regions as communications service providers (CSPs) gear up for innovation to address the business opportunities beyond enhanced mobile broadband.
“A solid digital network infrastructure underpins enterprises’ digital transformation plans, and their new capabilities can be turned into new customer services.”
MainOne to Host 7th Nerds Unite June 23
By Adedapo Adesanya
An Equinix company, MainOne, a leading provider of wholesale connectivity and data centre services in West Africa, will host the 7th edition of its flagship event, Nerds Unite, on Thursday, June 23, 2022.
The highly engaging annual event themed The Power of Global Interconnection will feature a keynote address on Interconnection and the power of the global Equinix Platform to connect African Businesses and Global/Local Service providers to be delivered by Vice President, Growth and Emerging Markets, Equinix, Mrs Judith Gardiner.
The conference will also feature two-panel sessions on the topics Unlocking Growth through An Interconnected Global Digital Infrastructure and Maximizing Business Efficiency and Minimizing Talent Drain and Rising CAPEX through IT Outsourcing, as industry experts discuss the immense benefits accruable to subscribers through the power of global interconnection and IT Outsourcing.
Confirmed speakers at Nerds Unite 2022 include Mr Martin Atkinson, Senior Manager, Peering & Interconnection EMEA, Equinix; Edge Strategy Manager, SSA, Meta, Mr Ben Ryall; CEO, Tizeti, Kendall Ananyi; CTO, Lagos Free Zone, Mr Nikhil Khandelwal; Country Manager, HPE operated by Selectium, Ms Ifeyinwa Kojo; Head, Technology Infrastructure, Nigeria Inter-Bank Settlement System Plc (NIBSS), Mrs Eunice King.
Others are Group Head, Network Operations, Access Bank, Mr Adebowale Shonekan; CIO, EKO Electricity Distribution Company (EKEDC), Mr J.P. Attueyi; and Partner, Enterprise Technology & Performance Leader, Deloitte, Mr Oluwole Oyeniran.
Speaking on expectations for this edition, the Chief Executive Officer, MainOne, Mrs Funke Opeke, remarked; “It’s the first time following MainOne’s acquisition that we’d be hosting our annual flagship event, Nerds Unite.
“It is also at a time businesses are just recovering from the COVID-19 pandemic and are faced with new challenges coping with the accelerating rate of digitalization.
“We hope ICT stakeholders find this event very useful, especially with our parent company Equinix billed to share their knowledge of global data interconnection and outsourcing.”
Participants will be drawn from a diverse global audience who can register for the event through the link www.nerdsunite.MainOne.net.
With over 4,000 participants since its inception, Nerds Unite has showcased leading technology solutions to MainOne Customers and has hosted major players in the global and local IT industry.
Latest News on Business Post
- NASD, CSCS Lift Unlisted Securities Exchange by 0.07% June 29, 2022
- Panic as Naira Crashes to N621/$1 at P2P, N609/$1 at Black Market June 29, 2022
- Bears Overwhelm Nigerian Exchange as Index Drops 0.31% June 29, 2022
- Crude Oil Market Rises as Top Producers Near Output Limits June 29, 2022
- Reps Invite PenCom, PTAD Over Failure to Pay Pensioners June 28, 2022
- Investors Trapped as Standard Alliance, Niger Insurance Lose Operating Licences June 28, 2022
- Sterling Bank, NHEA Honour Exceptional Healthcare Providers June 28, 2022
- Nigeria Must Adopt Dual Circulation Economy to Prosper—Sekibo June 28, 2022
- Ecobank Named Best Trade Finance Bank in West Africa June 28, 2022
- $13bn Trans-Saharan Gas Pipeline to Boost Nigeria’s Gas Exports June 28, 2022