The Nigeria Computer Society (NCS), which revealed this, yesterday, said more efforts must be harnessed locally, to curb the growing menace of cyber attacks in Nigeria.
The President of NCS, Prof. Adesina Sodiya, who stated this in an interaction with journalists, in Lagos, noted that two major attacks confronted the financial sector last year, which were Distributed Denial-of-Service (DDoS), and Social Engineering.
DDoS attack is a malicious attempt to disrupt normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic, while Social Engineering attacks are the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.
Globally, the number of DDoS attacks increased by 84 per cent in the first quarter (Q1) of 2019 compared to Q4 2018, according to research from Kaspersky Lab.
Sodiya said although multiple attacks were launched on the banks, but hid their identities because of the sensitive nature of bank operations, noting that the financial systems have become more proactive and sophisticated in tackling some of these challenges.
“Today, individuals, governments and corporate organisations are losing huge sums of money and property as a result of cyberattacks.
“Threats on the landscape continue to change rapidly, and attacks are increasing in might and sophistication. It is also believed that this trend will continue in the nearest future. Consequently, concerted effort is needed to enhance cyber security in Nigeria,” he said.
Confirming the expenses to prevent cyber attacks, a senior bank executive with Sterling Bank, who preferred anonymity, in a chat with The Guardian, yesterday, however disclosed that banks spent far above the estimated N200billion last year procuring several security solutions, including firewalls, Endpoint Security, Data Loss Prevention, Unified Threat Management, and many others.
Interestingly, he disclosed that some of these solutions were procured majorly from countries including Israel, Ukraine, USA, France, and Switzerland.
“While most industries around the world are affected by the looming danger of cyber threats, the banking sector has always been the worst hit. Naturally, this brings upon considerable damages due to the very environment that the banking sector works in – they deal in billions of dollars every single day, trading with a plethora of people and businesses all over the world. They also deal in incredibly important and vast financial information from multiple customers, making the banking industry a veritable goldmine for cybercriminals,” he stated.
He identified insider threats, malware and fraud, dependency on legacy banking system, non-patched systems were banking sector top security challenges.
Against this backdrop, Sodiya disclosed that the society will today (January 9), in Lagos, hold a stakeholders’ meeting, themed: “Nation’s Cybersecurity Challenges,” to focus on issues around financial fraud, cyber-attacks, social media hacking, and cybersecurity education.
On this, Sodiya said the Director-General, National Information Technology Agency, (NITDA) Kashifu Inuwa Abdullahi, will chair the meeting to be attended by top military, police, and other law enforcement agencies personnel. The Chief Executives from private sector will also be in attendance.
Speaking further, Sodiya said that NCS has the mandate of supporting government towards the realisation of a safe and secured deployment and use of IT resources.
He said: “NCS intends to make this stakeholders’ meeting a pungent platform for analysing the situation critically and provide the reliable solutions to Nation’s Cyber Security Challenges.
“NCS remains committed towards addressing the factors mitigating efficient use of IT for leapfrogging development,” he added.
As part of measures to help in mitigating the effect of cyber attacks in the country, the NCS President informed that the body will launch a website platform called, Computer Emergency Response System, “an intelligence box, where cyber attacks can be reported adequately, and solutions can be proffered.”