By Prince Osuagwu
From available statistics, the use of smartphones would continue to increase globally in the coming years and Nigeria is one of the emerging ICT economies where the boom would pitch and apparently make more impact.
However, there is also rapid increase in cyber attacks from the mobilephone, giving experts concern that good as the boom may become for the economy, if adequate measures are not put in place to check the adverse effects, the economy may not survive the hit when the espionage takes root.
As a measure, internet security experts, Symantec has challenged Nigeria to come up with adequate data protection law that would ensure that operators both of mobile services and financial services do not roll out services that would engage millions of Nigerians without taken into consideration that the data entrusted in their care are strongly protected.
Interestingly, in Symantec’s 2012 internet security trends report Nigeria improved in security ranking in Africa, taking the 6th position in overall internet security profile in Africa, after South Africa, Morocco and a few others. Globally, the country also improved from 59th to 68th position.
Symantec said that in 2012 there were serious threat and attacks on particularly small and medium companies that did not have the financial base or knowledge to protect themselves. Worse hit among these SMEs are the manufacturing companies.
The attacks, according to Symantec, were mainly carried out through spear phishing. Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. Spear phishing attempts are not typically initiated by random hackers but are more likely to be conducted by perpetrators out for financial gain, trade secrets or military information. The spear Phisher thrives on familiarity; he knows your name, email and a little information about you.
However, presenting a 160 page report of internet security trends in 2012, Symantec’s Territory Manager, West Africa Mr Oseme Osobase, warned that a more deadly method has been devised by internet fraudsters to wreck havoc not only to vulnerable companies but to even the well recognised secured organisations. The method, according to him is known as ‘Watering Hole’ method.
With this method, the attacker does not need to bother how to break into the more secure sites of major organisations but would easily do so by targeting and infecting less protected companies who they have links with. The moment the secured organisations open the websites of their partners who obviously are vulnerable, the infected sites render them vulnerable and open to attack.
Osobase also revealed that the attackers also use another method known as Ransom Ware, which locks up your files and data and asks you to pay some amount of money before it is released. He however, gave hints on how people and organisations can equip and defend themselves better.
He said: “The first step is to assume we are targets, secondly is adopt proper security solutions. Third is education- give staff proper education on the threats and developments. Fourth is implement data loss solutions. Fifth is adopt very strong authentication system because majority of attacks are actually from inside sources.