By Jonah Nwokpoku

As cyber-security threats shift from hacking for fun to deliberate efforts in order to get financial information, an expert in information security has warned that banks, other financial institutions and large corporations in the country may experience cyber-attacks before the end of the year, unless they strengthen their cyber resilience through implementation of adequate technology. 

Cyber Crime

President, Information Systems Audit and Control Association, ISACA Abuja chapter, Opeyemi Onifade, gave the warning recently as part of the preparation for ISACA’s forthcoming tenth year anniversary and annual conference in Abuja. According to him, as a member of the global society, “Nigeria cannot be insulated from the opportunities and threats of globalisation.”

To overcome cyber-attacks, he warned that banks would need to strengthen their cyber resilience through implementation and adoption of process-oriented good practices, technology and standards, and engagement of right skills and competencies. According to him, “We need to understand that we cannot succeed by accident. The cyberspace is now recognized as the fifth domain of warfare in addition to land, air, sea and space.

Unfortunately, in Nigeria, our cyberspace domain is still a neglected and unprotected territory. Yet, we depend so much on mobile telecommunications, electronic banking and electronic commerce for our socio-economic survival.”  Onifade said it has become imperative to address Nigeria’s collective capacity to respond to the inevitability of cyber threats, especially Advanced Persistent Threats (APTs).

“The purpose of the majority of APTs is to extract information from systems—this could be critical research, enterprise intellectual property or government information, among other things. Talking about the shift in the motive for hacking (i.e. compromising the security profile of information systems), you will find that there is an evolution in the motivation for attacks.

“Motivation for attacks can be explained as being attacked because you are on the Internet and you have vulnerabilities. Or because you are on the Internet and you have information of value or because of who you are, what you do or the value of your intellectual property. These would include state-sponsored attacks and corporate espionage.

According to recent research, Cyber security is a top global concern as 82 percent of enterprises will experience a cyber-incident in 2015,” he said. To him, government should declare an emergency in the cyber security education domain of the country in order to promote cyber security expertise and create a formidable “army” that would ensure effective national cyber defence.