July 1, 2012 by Dan Swinhoe
Along with the likes of Kenya, Egypt and South Africa, Nigeria is one of Africa’s internet powerhouses. Like many African countries, it suffers from an underdeveloped and unreliable fixed-line infrastructure. But that hasn’t stopped it topping 45 million internet users, the highest number on the continent.
But with such large numbers come many dangers. Emerging markets across the world are suffering at the hands of targeted hackers and malware due to insecure websites and poorly-trained staff. And on the whole Nigeria is no different. Though the country may be aiming to have 70 Million internet users by 2015, Symantec has warned that the rise of internet users in Nigeria puts the country at a greater risk from cyber-crime. Kelvin Isaac, Symantec’s Vice President of Emerging Markets said, “Nigeria, being a fast emerging market, with huge bandwidth deposits from the various submarine cables, risk higher foreign invasion of cyber-attacks because of the glut in capacity utilization. [That is the]Reason why government, regulator and operators must work in collaboration to ensure that, every avenue to encourage is blocked completely in the country and the risk mitigated.” Like many places around the world, SMBs are particularly at risk as they lack proper security plans and trained in-house staff to counter or quickly recover from any attacks.
There are plenty of web 2.0-literate people in the country, but not necessarily using their skillset for legal purposes. Last year a group of Nigerian hackers known as NaijaCyberHacktivists attacked government sites, including the National Poverty Eradication Programme website and the Niger Delta Development Commission, posting a letter protesting against the N1b ($6.6 million) cost for inauguration for President Goodluck Jonathan and the country’sFreedom Of Information Act. The author of the report pointed to the county’s rabid unemployment figures (currently hovering around the 23% mark) and a country that is ‘rich in raw technology talent.’ In a similar attack in Januarythe Economic and Financial Crime Commission (EFCC) was attacked in response to reports of corruption.
This pool of unemployed and angry talent has only recently started targeting its government. For years Nigeria has been king of spam, with promises of Nigerian princes offering millions for only a small advance fee. These 419 Scams (in reference to the article it’s a crime under in the Nigerian Criminal Code) are so synonymous with the country they are often called Nigerian scams. Back in 2005 Lagos was widely considered the world’s leading place for scam crimes. Although they are still common, they have been on the decline of late (spam is at its lowest levels for years) and Nigerian police have been more active in recent years in shutting down these kinds of operations.
Given that Nigeria’s IT sector is booming, programs to equip more people for careers in the sector are coming through, including World Bank’s ACCESS (Assessment of Core Competence for Employability in the Services Sector) program, which trains young people on a variety of aspects, from written English and basic numerical skills to internet browsing, use of office software, and attention to detail. It’s not quite on the same level that Kenya is doing with its various forensic hacking courses, but it’s a start.
The government is trying to gain traction on developing a world class IT sector, with various ideas and polies to improve accessibility. But a possible cyber-crime spree waiting to happen lies within the country’s move towards a ‘cashless society.’ This move to reduce the amount of cash used and increase electronic payments is a perfectly valid one, but where money is involved there will always be criminals trying to abuse the system. And withoutadequate protection, hackers could rob organizations of several millions and billions of Naira.
A big stumbling block is the country’s lack of cyber security law, making difficult to actually criminalize the hacking of any websites in the country, governmental or otherwise. Dr. Emmanuel Ekuwem, chief executive of Teledom International Group, lamented this lack of law, saying, “Do we have a cybercrime and cyber security law in place? No! Have we designated our Critical National Information Infrastructure? No! There is no law yet that criminalizes the hacking any web sites. Pity!” A bill is in the works, and has been promised sooner rather than later, but when that actually will be is anyone’s guess.
Nigeria is a country with a tradition in cyber-fraud with 419, but as that slowly gets put to bed it will want to avoid the rise of hackers, especially around its e-commerce ambitions. As with many emerging markets, proper training and security measures will help immensely. But critically, getting a proper cyber-security bill in place is needed as a tangible deterrent to would-be criminals. Without that, Nigerian princes needing bank account details might be the least of people’s worries.