Nigeria, Africa’s largest economy, is grappling with a sharp rise in cyber-attacks, as organizations in the country experience an average of 3,759 incidents per week. This figure is notably higher than the global weekly average of 1,876, as highlighted in the 2024 African Perspectives on Cyber Security Report by Check Point Software Technologies.
Key Findings:
- Cyber Threat Landscape: Nigeria’s accelerating digital transformation, particularly in the finance, government, and education sectors, has increased its vulnerability to cyber threats. The report emphasizes the growing reliance on digital platforms and the expanding scope of cyber-attacks targeting these critical sectors.
- Ransomware Dominance: Ransomware has emerged as the primary cyber threat in Nigeria, with attackers exploiting zero-day vulnerabilities to carry out devastating attacks on both public and private entities. Other significant threats include botnets, information stealers, and banking malware, which are becoming increasingly sophisticated.
Sector-Specific Impact:
- Financial Sector: Nigeria’s financial sector is the hardest hit, facing an average of 4,718 cyber incidents weekly. This is the highest incidence rate among all sectors in Nigeria. Weak multi-factor authentication systems and outdated banking infrastructure have made financial institutions especially vulnerable. A case study cited in the report highlighted a significant phishing attack in March 2024, which compromised over 10,000 bank accounts, leading to a loss of $3 million and a severe reputational damage to the bank involved.
- Emotet Trojan Attack: In the reported breach, cybercriminals used the Emotet Trojan to infiltrate financial systems, allowing them to steal millions of naira from customer accounts. This attack not only caused substantial financial losses but also led to a sharp decline in the bank’s stock value and loss of customer trust.
- Government and Education Sectors:
- Government Institutions: The government faces an average of 1,791 weekly cyber-attacks, primarily from ransomware and botnets. Exploited vulnerabilities, such as remote code execution and information disclosure, have left this sector particularly exposed. Attacks on government institutions often aim to disrupt economic operations and can have significant national security implications.
- Education Sector: The education sector is not far behind, suffering 1,682 weekly attacks. Phishing schemes and malware infections are the main methods of attack. The lack of proper cybersecurity training for staff and students makes these institutions easy targets for hackers.
Growing Sophistication of Cyber Threats:
The report underscores a broader trend of increasing sophistication in cyber threats across Nigeria. The global rise in ransomware attacks has been mirrored in Nigeria, with a 90% year-over-year increase in attacks across Africa. Cybercriminals are increasingly leveraging advanced technologies, such as generative AI, to enhance the precision of phishing campaigns and malware development, further complicating the nation’s efforts to secure its digital assets.
Recommendations for Strengthening Cybersecurity:
- Financial Sector Reforms: The report calls for the adoption of advanced authentication protocols, regular security audits, and upgraded financial systems to mitigate the growing threat of cyber-attacks in the banking sector.
- Cybersecurity Levy and Awareness: In response to the escalating threats, the Central Bank of Nigeria (CBN) introduced a cybersecurity levy to fund improvements in the country’s cybersecurity infrastructure. However, the levy faced public resistance, leading to a reduction in the proposed rate. The report also highlights the need for ongoing cybersecurity awareness campaigns and further investment in AI-driven security solutions.
- Stronger Encryption and Threat Detection: To combat the rising cyber threats, the report recommends the adoption of stronger encryption protocols and advanced threat detection technologies to bolster Nigeria’s defenses against cyber-attacks.
Nigeria’s vulnerability to cyber-attacks is accelerating as digital transformation deepens across key sectors. The country must urgently address its cybersecurity weaknesses, particularly in financial systems, government operations, and educational institutions. Strengthening its digital infrastructure, alongside investing in advanced technologies and raising cybersecurity awareness, will be essential to safeguarding Nigeria’s growing digital economy from increasingly sophisticated threats.