Follow Us on Google
By Adanna Nnamani, Abuja
Internet-facilitated crime appears to be expanding quickly as Internet use continues to spread throughout Nigeria.
ICT experts have called for an urgent improvement of measures on data privacy rights awareness, stating that lack of awareness and digital literacy were two of the main reasons people continue to fall victim to various forms of cybercrime.
Many Nigerians, they claim, are unaware of what constitutes a data privacy infringement or what to do in the event of one, and this ignorance has continued to wreak havoc in the digital sphere.
While individuals are daily losing huge sums to Internet fraudsters who are roaming the digital space looking for whom to prey on, financial and government institutions are equally not safe.
Today, Nigeria is battling a new wave of cyberfraud perpetrated by mostly youths who have ditched genuine hard work and are toeing the crime path to amass illicit wealth.
This tragedy, according to social scientists, is caused by the deep decline in cultural norms and values that elevates and celebrates wealth, regardless of its source, above hard work, dedication and passion for legitimate success.
This has led to unhealthy competition among youths, as the majority are on the prowl looking for innocent people to scam and flaunt the proceeds in order to harvest unripe glory from a disillusioned society.
Social commentators are worried that the get-rich-quick bug seems to have beaten so many young Nigerians that they have delved into ritual killings all in a bid to acquire spiritual powers that can control their victims to quickly fall for their antics.
According to the Nigerian Communications Commission (NCC), Nigeria, loses about $500m yearly to cybercrime.
During the just concluded general elections, the country recorded over 16 million cyberattacks both from within and outside the country, according to Isa Pantami, Minister of Communications and Digital Economy.
Also, information released by Statista, a global provider of market and consumer data in February 2022 said that 1,700 males and 337 females were arrested in Nigeria for advance fee fraud in 2019.
In specific, 878 males and 73 females were arrested for cyber-crimes in 2019. Overall, males represented the vast majority of individuals arrested in Nigeria for financial and economic crimes.
In 2020, the US Federal Bureau of Investigation (FBI) placed Nigeria as the 16th country worst affected by cybercrime.
Experts have attributed different factors to the phenomenal increase in cyber scammers in Nigeria. Some of the factors include decay in societal values, lack of a regulatory framework, poor cyber awareness and none-implementation of the law.
Others are poor equipment of law enforcement agents, poverty and unemployment among others.
National Commissioner of Nigeria Data Protection Bureau (NDPB), Dr. Vincent Olatunji, has underscored the need for intensified data privacy awareness and a regulatory framework that will protect those living in Nigeria from online compromises that could lead to huge financial losses, reputational damage, revenue losses, and other forms of abuse.
He said: “We tend to give out our information unknowingly. Some people give out their cards to people around them. This shows that we need to really create awareness for data processors and data subjects. Nigerians should learn to ask more questions from anyone trying to collect their data and be more informed on data privacy and protection.”
Professor Sodiya Adesina, President Nigeria Computer Society (NCS), said Nigeria needs to begin to evaluate its strategies, policies and guidelines to adequately fight cyber crime.
According to him, “what we need to do as a nation is to continue to review our strategies, we need to continue to review our policies and our guidelines towards ensuring that we protect ourselves from these cyber criminals. “They are not even only targeting financial institutions again, it’s now all kinds of institutions. Even individuals are falling victims of cyber attacks and fraud daily. I want to start by informing you that Nigeria has a cyber crime Act of 2015.
“Though, we are asking that we should review the act but why we have not got to the level where we have to start enforcing or talking more about reviewing the act is the fact that many of the provisions in that act how far has it been implemented? And it is when you test an act very well and comprehensively, that you will know whether the provisions are adequate to curb a crime or not.”
He further explained that victims are discouraged to pursue cases of cyber fraud and get justice due to the rigours and processes involved.
Adesina said: “The reason it is difficult to track and make arrests of cyber criminals is cyber crime has evolved to be a coordinated attack. “People are discouraged by the rigorous procedures involved such as getting a police report, court affidavit and the rest. So, many end up forgoing the money they were duped of, especially if it is not a very huge sum, leaving the criminal to continue with his antic on his next victim.
“If for instance, you lose N2000 and they subject you to all kinds of things such as asking you to get a lawyer, how will you be able to fund it? And that is why one of the things we are proposing is that we should have a centre. Like in some countries we have the Bureau of Public Prosecution that if you have a legal issue and you do not have the funds, they can help you to handle it. So that people will not be frustrated because some of those minor ones are even the ones rampant in Nigeria.
“There are guys that all they do is to sit in their homes and think of ways to dupe individuals. There are some that are coordinated and people that are perpetuating them are not even within the country. They coordinate the attacks from different countries. “There are so many things involved but in tracking them, we need a lot of knowledge and expertise. We also need a lot of infrastructure, especially cyber policing. Our police, how many gadgets are they using in carrying out their operations? What is the level of introduction of IT?”
He mentioned that the Office of the National Security Adviser as well as the NCS were working out techniques to protect organisations and people from cyber fraud.
He noted that the Office of the National Security Adviser, had begun some programmes, engaging stakeholders, to develop a new cyber security policy.
“At the level of the Nigeria Computer Society (NCS), we are trying to develop a multilingual attack reporting system that anybody will be able to report attack incidences and we will be able to intelligently profile the attack. So that we can analyse, we can get information, and also advise the government appropriately on the most common attacks we are facing in Nigeria, and how to prevent it,” Adesina disclosed.
Meanwhile, Rogba Adeoye, Executive Secretary, Information Technology Systems and Security Professionals (ITSSP) and Past Chairman of Nigeria Computer Society (NCS) Lagos Chapter, has said that although Nigeria has fantastic cybercrime laws, it lacked the institutional structure to drive them. He recommended awareness creation, training of law enforcement agents in cyber security and establishment of special courts to curb ICT related crimes.
Adeoye said: “There are so many cyber laws that people do not even know exist. But the problem is the structure to drive or implement the laws.
“For example, you are supposed to get a license to operate a cyber cafe. But how many people are aware of this? There is a proliferation of cybercafes without proper supervision. And these are also channels through which cybercrime is committed.
“Starting with the police to the lawyers up to the judges. They all need to be trained in cyber security to familiarise themselves with ICT terms and jargon so that they can easily handle cyber-related cases without being at loss. Also, we can have something like a special court that focuses on treating cases of cyber fraud.”
Mr Kashifu Inuwa said strategic efforts were already in place to protect government agencies from cyber fraudsters. He explained that cybersecurity in general and cyber-fraud/cyber-attacks in particular remain critical areas of concern to the agency.
“It is because of this realization and the need for us to have a coordinated approach to tackling cybersecurity issues that we established the cybersecurity department.
“One of the effective means of tackling cybersecurity issues is creating awareness. This, we know, is not only our best defense but also a means of being in line with global best practices. We have held such awareness seminars at least once in each of the six geo-political zones and have proved to be very successful.
“As part of our activities, we monitor government websites/portals on a 24/7 basis. We proactively monitor to ensure websites are not hacked and when they get hacked, we instantaneously analyze the attack pattern and offer strategies towards resolving the attack and bringing back the website/portal online. We also collaborate with other cybersecurity organisations, both nationally and internationally, to access trending cyber threats and use the information to send out advisory to all MDAs to ensure security measures are implemented before such attacks hit the Nigerian cyber space.
“These have been helping us a great deal towards mitigating the threats of cyber-attacks. We also conduct periodic cyber drills for network administrators of MDAs with the aim of improving their capacity in responding to cyber threats.
“In addition, we conduct an annual ‘October Cyber Security Awareness Event’, in collaboration with other regulatory agencies as well as private sector organisations.
“In an effort to consolidate these efforts, we identified cybersecurity as one of the pillars in SRAP and we have initiatives such as: creation of framework for adoption of indigenous cybersecurity solutions; implementation of the information security and digital assets management guidelines for federal public service; harmonise national Public Key Infrastructure (PKI) implementation initiatives; capacity building training for national cyber defence team; and establishment of local cybersecurity/information security professionals certification authority/body,” he explained.
