Cybercrime threats on the increase as Nigerians embrace cashless policy

Nigeria is increasingly being exposed to the exploits of prowling the digital space even as the nation migrates into an electronic based economy amidst government’s failure to expedite action on the final passage of the cybercrime bill. Growing frequency and degree of cybercrime incidents globally make it apparent that cybercrime is here to stay, according to a 2014 survey by KPMG.

This comes as analysts believe that cybercrime and security are the greatest and perhaps the most dangerous threat to the development of mankind. Worryingly, the Nigerian cyberspace is not free from crime as Central Bank of Nigeria’s report for the first half of 2013 revealed  2,478 fraud and forgery cases involving Nigerian banks valued at over N20 billion. This represented an 8 percent increase over the previous year volume but a significant increase in value of over 200 percent from 2012.

The KPMG report revealed that 2 percent of retail customers had experienced a fraud incident in the last year (2013). However, researchers have expressed worry that while this number appears small today, there is a growing tendency that would jumpstart a potentially disturbing future trend.

Gerben Schreurs, John Hermans and Olumide Olayinka, partners at KPMG, disclosed that although the internet banking has an underrated opportunity and while the adoption of electronic banking has provided some measure of convenience and ease to customers, it is difficult to ignore the resultant security risks that may face customers and financial institutions at large.

The trio identified that the growing popularity and convenience of electronic banking has further presented enhanced opportunities for cybercrime.

“There is a far-reaching scope of threats that range from low degree crimes to high volume and value crimes, all with the potential to impact large corporations and individuals. Security awareness and understanding of risks is crucial in cybercrime defence. As attackers understand the risks of people, processes and technology and how to exploit them, so should organisations. As a consequence, organisations should ask themselves whether they are aware and capable of handling a cybercrime attack. “From our survey, we found that 35 percent do not agree that their organisation is sufficiently aware of cybercrime, although the financial sector respondents score significantly lower. This would imply that financial institutions are more aware of cybercrime than other typologies. As previously discussed, the full scale of cybercrime implications is often overlooked.

“The biggest loss companies perceive is disruption of business processes, but is this true or is it a lack of awareness?” they queried.Though understanding the motives is key, as attacks may come by various methods and means.

“Organisations have experienced some form of ‘social engineering’ attack such as phishing and compromised web applications according to 33 percent of the respondents. The main motives for attacks found are that organizations are perceived as ‘low hanging fruit’ for organised crime. Contrary to previous trends, espionage is not a relevant motivation for attackers, according to 63 percent of the respondents. “Since detective internal control measures are currently not widely used by organisations, the increased use of these internal control measures might change the perspective of organisations on the means and motives of attacks.

“The financial sector represents 67 percent of the attacks where the attacker’s motive was access to money,” the report read. When taking all sectors into account, consumer market companies are most concerned about disruption of business and production processes, KPMG said. Analysts reveal that loss of money, disclosure of intellectual property and other data are so far only recognized as a cause of attack to a limited extent. Some of the major technical areas at high risk, they said, include email servers, web application servers, ERP systems, desktops, and unstructured data on file systems (file servers). Mostly mentioned were web application servers (38 percent), followed by file servers (16 percent) and mail servers (17 percent). Less frequent are attacks that have penetrated ERP systems, desktops, and process control domains (<8 percent).

Before now, the economic cost of cybercrime in Nigeria was quantified in intangibles like missed trade opportunities, all as a result of the inherent distrust of Nigerians in foreign countries – and online – occasioned by countless bad experiences.

Anne Agbaje

You might also like
Retail

Cash-strapped consumers battle high food prices as Christmas beckons

Retail

Asos blames ‘bump in the road’ as investors flee e-commerce crash

Retail

Bread, cereals, Milk, cheese, egg, increases food prices by 13.3% in November 2018

Retail

Why 2019 could be tough for consumer goods firms