Nigeria, Africa’s largest economy, continues to face an onslaught of cyber-attacks, with organisations experiencing an average of 3,759 incidents weekly.
This figure is significantly higher than the global weekly average of 1,876, according to the 2024 African Perspectives on Cyber Security Report by Check Point Software Technologies.
The report stressed the nation’s vulnerability as it accelerates digital transformation across key sectors, including finance, government, and education.
Ransomware has emerged as the dominant cyber threat, targeting both public and private entities by exploiting zero-day vulnerabilities.
Other significant threats include botnets, information stealers, and banking malware, which have become increasingly sophisticated in targeting financial data and network infrastructure.
The report read: “Nigeria continues to face one of the highest frequencies of cyber-attacks in Africa, with organisations being attacked on average 3,759 times per week. This alarming statistic highlights the urgent need for robust cybersecurity measures to protect critical sectors, especially finance, government, and healthcare.
“In 2024, ransomware has become the most significant cyber threat in Nigeria, with attacks exploiting zero-day vulnerabilities and causing widespread damage to both public and private entities. Additionally, botnets, information stealers, and banking malware remain persistent threats, with attackers increasingly targeting network infrastructure and financial data.”
Nigeria’s financial sector hardest hit
- Nigeria’s financial sector bears the brunt of these cyber-attacks, facing an average of 4,718 incidents weekly, the highest among all sectors.
- This alarming frequency stems from weak multi-factor authentication systems and outdated banking infrastructure.
- A case study in the report highlighted a major breach in March 2024, where a phishing attack compromised over 10,000 accounts in a leading Nigerian bank.
- The attackers used the Emotet Trojan to infiltrate financial systems, resulting in a $3 million loss and a sharp decline in the bank’s stock value.
In the case study, the report noted: “The Banking Trojan allowed the attackers to gain unauthorised access to critical financial systems, leading to the theft of millions of naira from customer accounts. The bank’s internal investigation revealed that over 10,000 customer accounts were compromised, and the total financial loss was estimated at approximately 3 million USD. The attack caused significant reputational damage to the bank, leading to a loss of customer trust and a sharp decline in stock prices.”
Government and education sectors under siege
- Government institutions face an average of 1,791 weekly cyber-attacks, with ransomware and botnets posing the most significant threats.
- Exploited vulnerabilities such as remote code execution and information disclosure have left this sector particularly exposed. Public sector attacks often aim to disrupt economic operations, with substantial implications for national security.
- Similarly, the education sector endures 1,682 attacks weekly, primarily through phishing schemes and malware infections.
- The lack of cybersecurity training for staff and students exacerbates vulnerabilities, making academic institutions easy targets for hackers.
What you should know
- The report also highlighted a broader trend of increasing sophistication in cyber threats across Nigeria. With Africa experiencing a 90% year-over-year increase in ransomware attacks, Nigeria’s growing reliance on digital platforms makes it a prime target. Threat actors have begun leveraging advanced technologies like generative AI to enhance the precision of phishing campaigns and malware development.
- The report calls for urgent reforms in financial systems, including the adoption of advanced authentication protocols and regular security audits. While the Central Bank of Nigeria (CBN) has introduced a cybersecurity levy to fund improved defenses, the measure faced public resistance, leading to a significant reduction in the rate.
- Advanced AI-driven solutions are also being deployed to fortify the nation’s defenses, but the report stresses the need for sustained investment in cybersecurity infrastructure. Recommendations include implementing stronger encryption protocols, adopting advanced threat detection technologies, and conducting ongoing cybersecurity awareness campaigns.
.gif)
